34175 matches found
CVE-2025-13654 CVE-2025-13654
A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...
CVE-2025-13654
A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...
Security Bulletin: IBM Storage Protect Operations Center is vulnerable to improper access control and stack overflow due to IBM SDK, Java (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447)
Summary IBM SDK, Java is vulnerable to improper access control and stack overflow, IBM Storage Protect Operations Center uses IBM SDK, Java and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the...
Security Bulletin: IBM Storage Protect Server is vulnerable to improper access control and stack overflow due to IBM SDK, Java (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447)
Summary IBM SDK, Java is vulnerable to improper access control and stack overflow, IBM Storage Protect Server uses IBM SDK, Java and may be affected by this vulnerability. Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL...
Multiple vulnerabilities in ABB Terra AC Wallbox
Overview Terra AC Wallbox provided by ABB contains the following vulnerability. Heap-based buffer overflow CWE-122 - CVE-2025-10504 Classic buffer overflow CWE-120 - CVE-2025-12142 Stack-based buffer overflow CWE-121 - CVE-2025-12143 Ryo Kato of Panasonic reported this vulnerability to IPA...
📄 Apache bRPC Stack Overflow
A critical stack overflow vulnerability in Apache bRPC's JSON parser allows remote attackers to crash servers via specially crafted deep recursive JSON data. Versions prior to 1.15.0 are affected...
Duc contains a stack buffer overflow vulnerability in the buffer_get function, allowing for out-of-bounds memory read
Overview Duc, an open-source disk management tool, contains a stack-based buffer overflow vulnerability allowing for out-of-bounds memory read. An attacker can exploit this vulnerability through malformed input data, and can cause the tool to either crash or cause it to disclose portions of memor...
Mageia: Security Advisory (MGASA-2025-0317)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2025-0317 Updated gnutls packages fix security vulnerability
Stack write buffer overflow. CVE-2025-9820...
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
CVE-2025-1547
A stack-based buffer overflow vulnerability CWE-121 in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through...
CVE-2025-1547
WatchGuard Fireware OS has a stack-based buffer overflow in the certificate request CLI command (CWE-121) that could allow an authenticated privileged user to execute arbitrary code. Affected releases: Fireware OS 12.0–12.5.12+701324 and 12.6–12.11.2. Root cause appears to be insufficient bounds ...
CVE-2025-1547 WatchGuard Firebox Authenticated Stack Overflow in Certificate Request Command
A stack-based buffer overflow vulnerability CWE-121 in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through...
WatchGuard Fireware OS 安全漏洞
WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 and 12.6 through 12.11.2, which stems from a stack buffer overflow in the certificate request command that could lead to th...
PT-2025-49166
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.5.12+701324 WatchGuard Fireware OS versions 12.6 through 12.11.2 Description A stack-based buffer overflow exists in the certificate request command of WatchGuard Fireware OS. An authenticated...
CVE-2025-11785
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...
CVE-2025-11778
Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...
CVE-2025-11784
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...
(Pwn2Own) Synology BeeStation Plus auth_info Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Synology BeeStation Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the authinfo parameter. The issue results from the lack of prope...
AlmaLinux 9 : gimp (ALSA-2025:21968)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:21968 advisory. gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 gimp: GIMP ICNS File Parsing Out-Of-Bounds Writ...