Astra Linux – Vulnerability in libxml2

Uncontrolled recursion occurs during XPath evaluation in libxml2, including in versions up to and including 2.9.14. This allows a local attacker to cause a stack overflow through crafted expressions. The XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr reset t...

Astra Linux – Vulnerability in OpenSSL

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData messages with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing a Denial of Service, or potentially remote code execution. When parsing CMS...

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick failed to detect circular references between two MVGs, resulting in a stack overflow issue. This is a DoS vulnerability, and any situation that allows reading the mvg...

SUSE-SU-2026:20355-1 Security update for libtasn1

This update for libtasn1 fixes the following issues: - CVE-2025-13151: lack of validation of input data size leads to stack-based buffer overflow in asn1expendoctetstring bsc1256341...

Security Bulletin: IBM B2B Advanced Communications is affected by vulnerability in XStream

Summary IBM B2B Advanced Communications has addressed a vulnerability in XStream library shipped with product CVE-2024-47072. Vulnerability Details CVEID:CVE-2024-47072 DESCRIPTION: XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote...

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Overview Affected versions of this package are vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior due to a flaw in error handling when asynchooks or AsyncLocalStorage is enabled. Normally, a "Maximum call stack size exceeded" error stack overflow is catchable by...

CVE-2025-66176

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

CVE-2025-66176

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

CVE-2025-66177

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

CVE-2025-66177

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

CVE-2025-66177

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

CVE-2025-66177

CVE-2025-66177 describes a stack overflow vulnerability in Hikvision NVR/DVR/CVR/IPC devices’ Search and Discovery feature. An attacker on the same LAN could cause a device to malfunction by sending specially crafted packets to an unpatched device. Connected sources corroborate a Hikvision stack-...

CVE-2025-66176

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

CVE-2025-66176

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

CVE-2025-66176

CVE-2025-66176 describes a stack overflow in the device Search and Discovery feature of Hikvision Access Control Products. Reported as exploitable by an attacker on the same LAN who can cause device malfunction by sending specially crafted packets to an unpatched device. Affected product scope is...

CVE-2025-71024

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

PT-2026-2420

Name of the Vulnerable Software and Affected Versions Inbit Messenger versions 4.6.0 through 4.9.0 Description A remote stack-based buffer overflow exists in Inbit Messenger that allows unauthenticated attackers to execute arbitrary code. This is achieved by sending malformed network packets to t...

CVE-2025-71025

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-70753

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security5g parameter of the sub4CA50 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

Tenda AX-3 安全漏洞

Tenda AX-3 is a home smart wireless router from Tenda that supports Wi-Fi6 802.11ax standard for home networking environment. The Tenda AX-3 suffers from a stack buffer overflow vulnerability, which stems from the failure of the serviceName2 parameter in the fromAdvSetMacMtuWan function to proper...