34200 matches found

OSV
added 2025/11/07 8:49 a.m. | 5 views

BIT-REDIS-2025-62507 Redis: Bug in XACKDEL may lead to stack overflow and potential RCE

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this...

CVSS 8.8 | AI score 8.2 | EPSS 0.06431
Exploits: 2 | References: 4
OSV
added 2025/11/07 8:40 a.m. | 2 views

BIT-KEYDB-2025-62507 Redis: Bug in XACKDEL may lead to stack overflow and potential RCE

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this...

CVSS 8.8 | AI score 8.2 | EPSS 0.06431
Exploits: 2 | References: 4
IBM Security Bulletins
added 2025/11/06 2:10 p.m. | 10 views

Security Bulletin: Due to the use of helm, IBM Kubecost Self Hosted is affected by stack overflow and memory exhaustion

Summary: helm is used by IBM Kubecost Self Hosted as part of the cluster-controller component (CVE-2025-32387, CVE-2025-32386). Vulnerability Details: CVEID: CVE-2025-32387. DESCRIPTION: Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply...

CVSS 6.5 | AI score 6.7 | EPSS 0.00407
Exploits: 0 | Affected Software: 1
OSV
added 2025/11/06 9:2 a.m. | 3 views

CLSA-2025-1762419767 Fix CVE(s): CVE-2022-3296

SECURITY UPDATE: Stack-based Buffer Overflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: check CSF_TRY can be found - CVE-2022-3296. Fix Test_terminal_noblock - debian/patches/fix-flaky-terminal-noblock-test.patch...

CVSS 7.8 | AI score 5.8 | EPSS 0.00513
Exploits: 1 | References: 1
Tenable Nessus
added 2025/11/06 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2025-62507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigge...

CVSS 8.8 | AI score 6.8 | EPSS 0.06431
Exploits: 2 | References: 2
Positive Technologies
added 2025/11/06 12:0 a.m. | 6 views

PT-2025-48206

Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.13; Suricata versions prior to 8.0.2. Description: Suricata, a network IDS, IPS and NSM engine, is susceptible to a stack overflow when logging large HTTP content types. This can lead to Suricata crashing. A...

CVSS 7.8 | AI score 6.8 | EPSS 0.01172
Exploits: 3 | References: 59
RedhatCVE
added 2025/11/05 10:4 p.m. | 8 views

CVE-2025-54526

Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVSS 8.4 | AI score 7.9 | EPSS 0.00155
Exploits: 0 | References: 1
RedhatCVE
added 2025/11/05 10:4 p.m. | 7 views

CVE-2025-62507

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this...

CVSS 8.8 | AI score 7.5 | EPSS 0.06431
Exploits: 2 | References: 6
SUSE Linux
added 2025/11/05 3:45 p.m. | 7 views

Security update for tiff

This update for tiff fixes the following issues: Update to 4.7.1: CVE-2025-8851: Fixed stack-based buffer overflow (bsc#1248278). CVE-2025-9900: Fixed write-what-where via TIFFReadRGBAImageOriented (bsc#1250413). Patch Instructions: To install this SUSE update use the SUSE recommended installation...

CVSS 8.5 | AI score 7.5 | EPSS 0.00739
Exploits: 0 | References: 8
Microsoft CVE
added 2025/11/05 9:2 a.m. | 6 views

Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode

...

CVSS 6.2 | AI score 7 | EPSS 0.00165
Exploits: 0
Tenable Nessus
added 2025/11/05 12:0 a.m. | 3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988682)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988682 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records. The function tipc_mon_rcv allows a node ...

CVSS 9 | AI score 5.9 | EPSS 0.67994
Exploits: 2 | References: 4
Tenable Nessus
added 2025/11/05 12:0 a.m. | 1 view

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990218)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990218 advisory. In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack. For CONFIG_CPUMASK_OFFSTACK=y kernel,...

CVSS 7.3 | AI score 6.2 | EPSS 0.00223
Exploits: 0 | References: 3
Tenable Nessus
added 2025/11/05 12:0 a.m. | 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989257)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989257 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB. Change min_t to use type u32 instead of type...

CVSS 6.6 | AI score 5.9 | EPSS 0.00238
Exploits: 0 | References: 4
Tenable Nessus
added 2025/11/05 12:0 a.m. | 3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989201)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989201 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction. memcpy is called in a loop...

CVSS 7.8 | AI score 6.2 | EPSS 0.00253
Exploits: 0 | References: 4
CNVD
added 2025/11/05 12:0 a.m. | 4 views

Tenda AX-3 get_parentControl_list_Info function stack buffer overflow vulnerability

Tenda AX-3 is a home smart wireless router from Tenda that supports the Wi-Fi 6 (802.11ax) standard for home networking environments. The Tenda AX-3 suffers from a stack buffer overflow vulnerability that originates from the deviceId parameter in the get_parentControl_list_Info function failing to properly...

CVSS 7.5 | AI score 6.1 | EPSS 0.00362
Exploits: 1 | References: 1
CNVD
added 2025/11/05 12:0 a.m. | 3 views

TOTOLINK LR350 sub_422880 function stack buffer overflow vulnerability

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00376
Exploits: 1 | References: 1
CNVD
added 2025/11/05 12:0 a.m. | 4 views

TOTOLINK LR350 sub_421BAC function stack buffer overflow vulnerability

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00376
Exploits: 1 | References: 1
CNVD
added 2025/11/05 12:0 a.m. | 3 views

TOTOLINK LR350 sub_426EF8 function stack buffer overflow vulnerability

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the password parameter in the...

CVSS 7.5 | AI score 7.3 | EPSS 0.00376
Exploits: 1 | References: 1
CNVD
added 2025/11/05 12:0 a.m. | 3 views

TOTOLINK LR350 sub_425400 function stack buffer overflow vulnerability

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00376
Exploits: 1 | References: 1
CNVD
added 2025/11/05 12:0 a.m. | 3 views

TOTOLINK LR350 sub_42396C function stack buffer overflow vulnerability

TOTOLINK LR350 is a 4GLTE wireless router from China's Gion Electronics TOTOLINK that supports converting 4G signals to wired signals for home and office scenarios. The TOTOLINK LR350 suffers from a stack buffer overflow vulnerability, which stems from the failure of the ssid parameter in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00376
Exploits: 1 | References: 1