34186 matches found
CVE-2025-59365
A stack buffer overflow vulnerability has been identified in certain router models. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the...
libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
PT-2025-48016
Name of the Vulnerable Software and Affected Versions ASUS Router Firmware affected versions not specified Description A stack buffer overflow condition exists in certain router models. An authenticated attacker can trigger this issue by sending a specially crafted request, which may lead to a...
ASUS Router 安全漏洞
ASUS Router is a router product and accompanying management application from ASUS, primarily used for wireless connectivity and management of home and business networks. ASUS Router suffers from a stack buffer overflow vulnerability that originates from a boundary error when the application handl...
PT-2025-48024
Security Point Windows of MaLion and MaLionCloud contains a stack-based buffer overflow vulnerability in processing HTTP headers. Receiving a specially crafted request from a remote unauthenticated attacker could lead to arbitrary code execution with SYSTEM privilege...
gimp: GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
A stack-based buffer overflow vulnerability exists in the ILBM file parsing functionality of GIMP. When processing a specially crafted ILBM image file, improper validation of user-supplied data length before copying to a stack buffer can lead to memory corruption. Successful exploitation allows a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack overflow and double deletion in the setmeshsync and setmeshcomplete functions in Bluetooth MGMT, whi...
PT-2025-52897
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the erofs filesystem. Specifically, the issue involves insufficient limitations on filesystem stacking for file-backed mounts, potentially...
Tenda AC21 SetIpMacBind File Stack Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Tenda AC21 SetSysTimeCfg File Stack Buffer Overflow Vulnerability
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
Fluent Bit contains five vulnerabilities, including stack buffer overflow, auth bypass, and path traversal
Overview Fluent Bit is a logging and metrics processor and forwarder that is used in a variety of cloud and container networking environments. Several vulnerabilities in Fluent Bit have been discovered that could allow for authentication bypass, remote code execution RCE and denial of service DoS...
OSV-2025-930 Dynamic-stack-buffer-overflow in _ox_err_set_with_location
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=462353164 Crash type: Dynamic-stack-buffer-overflow READ 1 Crash state: oxerrsetwithlocation readelement oxparse...
EulerOS 2.0 SP13 : icu (EulerOS-SA-2025-2435)
According to the versions of the icu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the...
EulerOS 2.0 SP13 : libtiff (EulerOS-SA-2025-2449)
According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PSLvl2page of the file tools/tiff2ps...
FreeBSD : GnuTLS -- Stack write buffer overflow (b6835edf-c6c8-11f0-8471-74563cf9e4e9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b6835edf-c6c8-11f0-8471-74563cf9e4e9 advisory. GnuTLS reports: When a PKCS11 token is initialized with gnutlspkcs11tokeninit function and it is passed...
CVE-2025-40601
A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash...
CVE-2025-13446
A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...
EulerOS 2.0 SP13 : icu (EulerOS-SA-2025-2446)
According to the versions of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the...
Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2025-2435)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-13446
A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...