34107 matches found
CVE-2026-22213
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22212
TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy and strcat functions when constructing device paths during automatic device discovery. A local attacker can exploit this by...
CVE-2026-22214
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...
CVE-2026-22213
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22214 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in ethos Serial Frame Parser
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...
CVE-2026-22214
Summary: RIOT OS
CVE-2026-22213 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22213
RIOT OS
CVE-2026-22212 TinyOS <= 2.1.2 Stack-Based Buffer Overflow in mcp2200gpio
TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy and strcat functions when constructing device paths during automatic device discovery. A local attacker can exploit this by...
CVE-2026-22212 TinyOS <= 2.1.2 Stack-Based Buffer Overflow in mcp2200gpio
TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy and strcat functions when constructing device paths during automatic device discovery. A local attacker can exploit this by...
CVE-2026-22212
CVE-2026-22212 concerns TinyOS up to 2.1.2, where the mcp2200gpio utility is vulnerable to a stack-based buffer overflow. The root cause is unsafe use of strcpy() and strcat() when constructing device paths during automatic device discovery, allowing a local attacker to craft filenames under /dev...
Updated libtasn1 packages fix security vulnerability
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring. CVE-2025-13151...
MGASA-2026-0007 Updated libtasn1 packages fix security vulnerability
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring. CVE-2025-13151...
EUVD-2025-206283
Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class UVC device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC...
CVE-2025-68622 Espressif ESP-IDF USB Host UVC Class Driver has a stack buffer overflow in UVC descriptor printing
Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class UVC device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC...
CVE-2025-68622 Espressif ESP-IDF USB Host UVC Class Driver has a stack buffer overflow in UVC descriptor printing
Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class UVC device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC...
CVE-2025-68622 Espressif ESP-IDF USB Host UVC Class Driver has a stack buffer overflow in UVC descriptor printing
Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class UVC device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC...
Espressif ESP-IDF 安全漏洞
Espressif ESP-IDF is an IoT development framework from China Loxin Espressif. A security vulnerability exists in Espressif ESP-IDF versions prior to 2.4.0, which stems from a failure to validate a length value during configuration descriptor parsing, which could result in a stack buffer overflow...
PT-2026-2321
Name of the Vulnerable Software and Affected Versions TinyOS versions up to and including 2.1.2 Description TinyOS versions up to and including 2.1.2 have a stack-based buffer overflow issue in the mcp2200gpio utility. This is due to the unsafe use of strcpy and strcat functions when creating...
PT-2026-2348
Name of the Vulnerable Software and Affected Versions Hikvision NVR/DVR/CVR/IPC models affected versions not specified Description A stack overflow issue exists in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. An attacker on the same local area network LAN could cau...