Linux Distros Unpatched Vulnerability : CVE-2025-15467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact...

UBUNTU-CVE-2025-11187

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

Scan discovered multiple CVEs against glibc

Binary scan of Brocade Fabric OS identified multiple potential CVEs against glibc CVE-2020-6096 An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negativ...

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

CVE-2025-9820

A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

CVE-2025-9820 Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function

A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

CVE-2025-9820 Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function

A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...

GHSA-P5WG-G6QR-C7CG Withdrawn Advisory: eslint has a Stack Overflow when serializing objects with circular references

Withdrawn Advisory This advisory has been withdrawn because RuleTester is used for testing rules during development and results in a error rather than crashing the application. Original Description There is a Stack Overflow vulnerability in eslint before 9.26.0 when serializing objects with...

Withdrawn Advisory: eslint has a Stack Overflow when serializing objects with circular references

Withdrawn Advisory This advisory has been withdrawn because RuleTester is used for testing rules during development and results in a error rather than crashing the application. Original Description There is a Stack Overflow vulnerability in eslint before 9.26.0 when serializing objects with...

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

UBUNTU-CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

BIT-NODE-2025-59466

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...

SUSE-SU-2026:0295-1 Security update for nodejs22

This update for nodejs22 fixes the following issues: Security fixes: - CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 - CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing...

CVE-2026-1425

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...

UBUNTU-CVE-2026-1425

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-1425

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-1425 pymumu SmartDNS SVBC Record dns.c _dns_decode_SVCB_HTTPS stack-based overflow

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-1425

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...