CVE-2025-68156

Expr (Go library) contains a DoS risk in builtins such as flatten, min, max, mean, and median due to potential unbounded recursion on deeply nested or cyclic data. A fix was released in v1.17.7 introducing a maximum recursion depth limit; users can customize it via builtin.MaxDepth. The CVE conte...

CVE-2025-68255

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

CVE-2025-68255

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

UBUNTU-CVE-2025-68255

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

CVE-2025-68255

CVE-2025-68255 affects the Linux kernel staging rtl8723bs driver. The OnAssocReq Information Element parsing used the incoming Supported Rates IE length directly as the memcpy length into a fixed 16-byte stack buffer, enabling a stack overflow when an attacker advertises a longer IE. The fix clam...

CVE-2025-66635

Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under References...

CVE-2025-66635

Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under References...

EUVD-2025-203525

Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products and versions, see the information provided by the vendor under References...

CVE-2025-66635

CVE-2025-66635 is a stack-based buffer overflow in SEIKO EPSON Web Config. A logged-in user can supply specially crafted input to execute arbitrary code. Affected software is SEIKO EPSON Web Config on printers. The vendor guidance references firmware updates as remediation (update firmware to lat...

PT-2025-51375

Name of the Vulnerable Software and Affected Versions SEIKO EPSON Web Config affected versions not specified Description A stack-based buffer overflow issue exists in SEIKO EPSON Web Config. A logged-in user providing specially crafted data can potentially execute arbitrary code. Recommendations ...

ROS-20251216-7321

A vulnerability in the "virtioCoreR3VirtqInfo" function of the "VBoxManage debugvm" command of the Oracle VM VirtualBox virtualization software tool is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and gain unauthoriz...

ROS-20251216-7322

A vulnerability in the "virtioCoreR3VirtqInfo" function of the "VBoxManage debugvm" command of the Oracle VM VirtualBox virtualization software tool is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and gain unauthoriz...

ROS-20251216-7323

A vulnerability in the "virtioCoreR3VirtqInfo" function of the "VBoxManage debugvm" command of the Oracle VM VirtualBox virtualization software tool is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and gain unauthoriz...

Linux Distros Unpatched Vulnerability : CVE-2025-68255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directl...

📄 HTMLDOC 1.9.13 Stack Buffer Overflow

Proof of concept exploit written in PHP for HTMLDOC version 1.9.13 that generates a malicious BMP file that will trigger a stack buffer overflow vulnerability...

Expr 安全漏洞

Expr is an expression language and expression evaluation for Go open-sourced by Expr. A security vulnerability exists in versions of Expr prior to 1.17.7, which stems from multiple built-in functions that do not enforce maximum recursion depth, potentially resulting in a stack overflow and proces...

PT-2025-51779

Name of the Vulnerable Software and Affected Versions Expr versions prior to 1.17.7 Description The Expr library, used for expression language and evaluation in Go, contains a flaw where certain builtin functions – including flatten, min, max, mean, and median – can cause a denial of service. The...

CVE-2023-53886

Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program' configuration that allows attackers to crash the application. Attackers can trigger the vulnerability by inserting 294 characters into the program execution configuration, causing a denial of service...