
34097 matches found

EUVD
added 2026/01/27 4:1 p.m., 3 views

EUVD-2025-206379

Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData...

6.4 AI score, 0.45854 EPSS
Exploits 7, References 6

ATTACKERKB
added 2026/01/27 4:1 p.m., 20 views

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

8.8 CVSS, 8.5 AI score, 0.45854 EPSS
Exploits 7, References 7, Affected Software 1

Cvelist
added 2026/01/27 4:1 p.m., 25 views

CVE-2025-15467 Stack buffer overflow in CMS (Auth)EnvelopedData parsing

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

0.45854 EPSS
Exploits 7, References 6

CVE
added 2026/01/27 4:1 p.m., 393 views

CVE-2025-15467

CVE-2025-15467 affects OpenSSL 3.x (3.0–3.6); parsing CMS AuthEnvelopedData with AEAD ciphers (e.g., AES-GCM) can overflow a fixed-size stack buffer when the ASN.1 IV is oversized. This leads to a stack-based write before authentication, causing Denial of Service and potentially remote code execu...

8.8 CVSS, 8.8 AI score, 0.45854 EPSS
Exploits 7, References 10, Affected Software 1

AlpineLinux
added 2026/01/27 4:1 p.m., 4 views

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

8.8 CVSS, 8.8 AI score, 0.45854 EPSS
Exploits 7, References 10

Debian CVE
added 2026/01/27 4:1 p.m., 13 views

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

8.8 CVSS, 8.1 AI score, 0.45854 EPSS
Exploits 7

Vulnrichment
added 2026/01/27 3:59 p.m., 2 views

CVE-2025-11187 Improper validation of PBMAC1 parameters in PKCS#12 MAC verification

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

6.3 AI score, 0.00515 EPSS
Exploits 1, References 4

Cvelist
added 2026/01/27 3:59 p.m., 18 views

CVE-2025-11187 Improper validation of PBMAC1 parameters in PKCS#12 MAC verification

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

0.00515 EPSS
Exploits 1, References 4

AlpineLinux
added 2026/01/27 3:59 p.m., 5 views

CVE-2025-11187

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

6.1 CVSS, 6.3 AI score, 0.00515 EPSS
Exploits 1

EUVD
added 2026/01/27 3:52 p.m., 3 views

EUVD-2025-206388

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

9.1 CVSS, 6.7 AI score, 0.01318 EPSS
Exploits 0, References 3

Cvelist
added 2026/01/27 3:52 p.m., 18 views

CVE-2025-68670 xrdp improperly checks bounds of domain string length, which leads to Stack-based Buffer Overflow

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

9.1 CVSS, 0.01318 EPSS
Exploits 0, References 3

CVE
added 2026/01/27 3:52 p.m., 38 views

CVE-2025-68670

CVE-2025-68670 affects xrdp and related components (e.g., xorgxrdp). The bug is an unauthenticated, stack-based buffer overflow caused by improper bounds checking when processing user domain information during the connection sequence. Exploitation could lead to remote code execution with network ...

9.8 CVSS, 6.7 AI score, 0.01318 EPSS
Exploits 0, References 4, Affected Software 1

ATTACKERKB
added 2026/01/27 3:52 p.m., 4 views

CVE-2025-68670

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

9.1 CVSS, 6.7 AI score, 0.01318 EPSS
Exploits 0, References 4, Affected Software 1

Vulnrichment
added 2026/01/27 3:52 p.m., 2 views

CVE-2025-68670 xrdp improperly checks bounds of domain string length, which leads to Stack-based Buffer Overflow

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

9.1 CVSS, 6.7 AI score, 0.01318 EPSS
Exploits 0, References 3

OSV
added 2026/01/27 3:52 p.m., 3 views

CVE-2025-68670 xrdp improperly checks bounds of domain string length, which leads to Stack-based Buffer Overflow

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

9.1 CVSS, 6.7 AI score, 0.01318 EPSS
Exploits 0, References 6

AlpineLinux
added 2026/01/27 3:52 p.m., 2 views

CVE-2025-68670

xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exploited, the vulnerability could allow remote...

9.8 CVSS, 6.8 AI score, 0.01318 EPSS
Exploits 0

RedhatCVE
added 2026/01/27 3:46 p.m., 3 views

CVE-2025-50537

A flaw was found in eslint. An attacker can exploit this vulnerability by providing an object with circular references to the RuleTester.run method. This action causes an infinite recursion within the isSerializable function, leading to a stack overflow. The primary consequence of this flaw is a...

5.5 CVSS, 5.9 AI score, 0.00163 EPSS
Exploits 1, References 5

Cvelist
added 2026/01/27 3:34 p.m., 24 views

CVE-2025-55095

The function _ux_host_class_storage_media_mount is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in...

4.2 CVSS, 0.00138 EPSS
Exploits 1, References 1

CVE
added 2026/01/27 3:34 p.m., 14 views

CVE-2025-55095

CVE-2025-55095 affects the USBX host storage code in Eclipse ThreadX. The function _ux_host_class_storage_media_mount() recursively traverses extended partitions; it parses up to four partition entries in _ux_host_class_storage_partition_read() and recurses when it encounters a type UX_HOST_CLASS...

7 CVSS, 5.9 AI score, 0.00138 EPSS
Exploits 1, References 1, Affected Software 1

Vulnrichment
added 2026/01/27 3:34 p.m., 3 views

CVE-2025-55095

The function _ux_host_class_storage_media_mount is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in...

4.2 CVSS, 5.9 AI score, 0.00138 EPSS
Exploits 1, References 1