EUVD-2025-206404

The function uxhostclassstoragemediamount is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in...

CVE-2026-1425

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-24820

CVE-2026-24820 is described across multiple sources as an Out-of-bounds Read vulnerability in turanszkij WickedEngine, specifically linked to WickedEngine/LUA modules and a code segment in ldebug.C. Affected software is WickedEngine prior to version 0.71.705. The connected documents do not provid...

CVE-2026-24820 A stack overflow vulnerability in turanszkij/WickedEngine

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

CVE-2026-24820 A stack overflow vulnerability in turanszkij/WickedEngine

Out-of-bounds Read vulnerability in turanszkij WickedEngine WickedEngine/LUA modules. This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705...

SUSE-SU-2026:0301-1 Security update for nodejs22

This update for nodejs22 fixes the following issues: Security fixes: - CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 - CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing...

Astra Linux - уязвимость в zabbix

The reported vulnerability is a stack buffer overflow in the zbxsnmpcachehandleengineid function within the Zabbix server/proxy code. This issue occurs when copying data from session-securityEngineID to localrecord.engineid without proper bounds checking...

CVE-2026-1361 ASDA-Soft Stack-based Buffer Overflow Vulnerability

ASDA-Soft Stack-based Buffer Overflow Vulnerability...

Eclipse ThreadX USBX security vulnerabilities

Eclipse ThreadX USBX is an open-source version of Eclipse ThreadX, which includes a USB host, device, and mobile embedded stack. There is a security vulnerability in Eclipse ThreadX USBX, caused by the uxhostclassstoragemediamount function having unlimited recursive depth, which may lead to a sta...

PT-2026-4935

The function ux host class storage media mount is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in ux host class storag...

GNUPG security vulnerabilities

GNU Privacy Guard is a set of open-source encryption software from the GNU community in the United States, licensed under the GNU General Public License. This software supports algorithms such as public key encryption, symmetric encryption, and hashing. Versions of GnuPG prior to 2.5.17 contained...

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

GNUPG security vulnerabilities

GNU Privacy Guard is an open-source encryption software developed by the GNU community in the United States. It is licensed under the GNU General Public License. This software supports algorithms such as public key encryption, symmetric encryption, and hashing. Prior to version 2.5.17, GnuPG had...

PT-2026-4985

Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, Suricata can crash with a stack overflow. Version 8.0.3 patches the issue. As a workaround, use default values for request-body-limit and response-body-limit...

Suricata security vulnerabilities

Suricata is a network IDS, IPS, and NSM engine developed by the Open Information Security Foundation. Vulnerabilities exist in versions of Suricata prior to 8.0.3 and 7.0.14. These vulnerabilities stem from the use of a stack buffer for storing data sets; if the data size is too large, it may lea...

Linux Distros Unpatched Vulnerability : CVE-2025-68670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper boun...

xrdp security vulnerabilities

XRDPT is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of XRDPT prior to v0.10.5 contained security vulnerabilities. These vulnerabilities stemmed from improper boundary checking when processing user domain information, which could lead to stack-based buffer...

UBUNTU-CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...