Cleanersoft Free MP3 CD Ripper has security vulnerabilities

Cleanersoft Free MP3 CD Ripper is a track extraction software developed by Cleanersoft Corporation. Version 2.8 of Cleanersoft Free MP3 CD Ripper contains a security vulnerability. This vulnerability arises from malicious WAV files that may cause stack buffer overflows, potentially allowing...

Monkey Server security vulnerabilities

Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from a stack overflow in the mkhttpindexlookup function. This vulnerability could lead to denial-of-service attacks...

📄 OpenSSL 3.x ASN.1 AES‑GCM Nonce Stack Corruption

This Metasploit auxiliary module generates a specially crafted CMS file encoded in DER format to test a stack-based buffer overflow vulnerability in OpenSSL's ASN.1 parser related to improper handling of oversized AES-GCM nonce IV values within AES-GCM-Parameters as defined in RFC 5084. The...

CVE-2025-63658

A stack overflow in the mkhttpindexlookup function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:0310-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0310-1 advisory. - CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. - CVE-2025-68160: Heap out-of-bounds write in...

CVE-2025-55095

The function uxhostclassstoragemediamount is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in...

CVE-2020-36971

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

CVE-2020-36971

CVE-2020-36971 affects Nidesoft 3GP Video Converter 2.6.18. The vulnerability is a local stack buffer overflow in the license registration parameter; an attacker can craft a malicious payload in the License Code field to execute arbitrary code on the host. Provided sources consistently describe t...

CVE-2020-36971 Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

EUVD-2020-30878

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

CVE-2020-36971 Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow

Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffer overflow vulnerability in the license registration parameter. Attackers can craft a malicious payload and paste it into the 'License Code' field to execute arbitrary code on the system...

openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

A flaw was found in OpenSSL. When an application processes a maliciously crafted PKCS12 file, an attacker can exploit a stack buffer overflow or a NULL pointer dereference. This can lead to a denial of service DoS by crashing the application, and in some cases, may enable arbitrary code execution...

Exploit for Out-of-bounds Write in Starnight Micro_Http_Server

📛 CVE-2023-50965 — MicroHttpServer Stack-Based Buffer Ove...

CVE-2025-26386 Stack-based Buffer Overflow in Johnson Controls iSTAR Configuration Utility (ICU) tool

Johnson Controls iSTAR Configuration Utility ICU has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility ICU version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of the machine hosting the...

EUVD-2025-206488

Johnson Controls iSTAR Configuration Utility ICU has Stack-based Buffer Overflow vulnerability. This issue affects iSTAR Configuration Utility ICU version 6.9.7 and prior. Successful exploitation of this vulnerability could result in failure within the operating system of the machine hosting the...

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing bsc1256830. CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level...

CVE-2026-22262

A flaw was found in Suricata, a network intrusion detection/prevention system IDS/IPS. When saving a dataset, the system uses a stack buffer to process the data. If an attacker provides excessively large data within a dataset, it can cause a stack overflow. This vulnerability could lead to a deni...

SUSE CVE-2025-68670

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

SUSE CVE-2026-22260

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash with a stack overflow. Version 8.0.3 patches the issue. As a workaround, use default values for request-body-limit and response-body-limit...