CVE-2026-25502 iccDEV is vulnerable to stack-buffer-overflow in icFixXml()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml function when processing malformed ICC profiles, allows potential arbitrary code execution...

CVE-2026-25502 iccDEV is vulnerable to stack-buffer-overflow in icFixXml()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml function when processing malformed ICC profiles, allows potential arbitrary code execution...

K000159868: OpenSSL vulnerability CVE-2025-15467

Security Advisory Description Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsi...

CVE-2026-24465

Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...

CVE-2026-24465

Summary of CVE-2026-24465 (ELECOM wireless LAN access points): A stack-based buffer overflow exists in ELECOM wireless LAN access point devices, allowing a crafted packet to potentially execute arbitrary code. The vulnerability is described consistently across multiple sources (NVD/Red Hat/CIRCL/...

CVE-2026-24465

Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...

EUVD-2026-5273

Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution...

Can Developers Rely on LLMs for Secure IaC Development?

We investigated the capabilities of GPT-4o and Gemini 2.0 Flash for secure Infrastructure as Code IaC development. For security smell detection, on the Stack Overflow dataset, which primarily contains small, simplified code snippets, the models detected at least 71% of security smells when prompt...

CVE-2025-67188

A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204B20210112. The issue resides in the setRadvdCfg interface of the /lib/cstemodules/ipv6.so module. The function fails to properly validate the length of the user-controlled radvdinterfacename parameter, allowing remote attacker...

TOTOLINK A950RG 安全漏洞

TOTOLINK A950RG is a super-generation Giga wireless router produced by TOTOLINK Corporation. The TOTOLINK A950RG V4.1.2cu.5204B20210112 version contains a security vulnerability. This vulnerability stems from insufficient length validation of the radvdinterfacename parameter in the setRadvdCfg...

openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...

Security Bulletin: Security vulnerability in Apache Commons Lang may affect IBM Business Automation Workflow - CVE-2025-48924

Summary IBM Business Automation Workflow packages a vulnerable copy of the Apache Commons Lang open source library. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

CVE-2026-1761

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption...

CVE-2026-1761

A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption...

libsoup 安全漏洞

Libsoup is a GNOME project’s HTTP client/server library. Libsoup has a security vulnerability that stems from an error in calculating the length of multipart HTTP responses. This error can lead to stack buffer overflows, memory corruption, application crashes, or the execution of arbitrary code...

D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)

Exploit Title: D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow DoS Google Dork: N/A Date: 2025-09-25 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.dlink.com/ Software Link: https://tsd.dlink.com.tw/downloads2008detail.asp Version: DIR-825 Rev.B = 2.10 Tested on: DIR-825...

Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2026-1121)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-1637

A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might...

EulerOS Virtualization 2.10.0 : icu (EulerOS-SA-2026-1173)

According to the versions of the icu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct...

EulerOS Virtualization 2.10.0 : ncurses (EulerOS-SA-2026-1183)

According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the...