Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990066)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990066 advisory. In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack. For CONFIG_CPUMASK_OFFSTACK=y kernel,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989201)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989201 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction. memcpy is called in a loop...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989257)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989257 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB. Change min_t to use type u32 instead of type...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990218)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990218 advisory. In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack. For CONFIG_CPUMASK_OFFSTACK=y kernel,...
PT-2025-48205
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 7.0.13; Suricata versions prior to 8.0.2. Description: Suricata is a network IDS, IPS and NSM engine. Versions of Suricata prior to 7.0.13 and 8.0.2 are susceptible to a stack overflow that can cause the software to cra...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988682)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988682 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records. The function tipc_mon_rcv allows a node ...
CVE-2025-62507
Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple IDs and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To work around this...
CVE-2025-54526
Fuji Electric Monitouch V-SFT-6 is vulnerable to a stack-based buffer overflow while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
UBUNTU-CVE-2025-62507
Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple IDs and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To work around this...
CVE-2025-54526
CVE-2025-54526 concerns Fuji Electric Monitouch V-SFT-6/V-SFT with a stack-based buffer overflow in parsing crafted project/V7 files, leading to remote code execution. ZDI advisories describe the flaw as a lack of proper validation of the length of user-supplied data before copying it into a fix...
CVE-2025-62507 Redis: Bug in XACKDEL may lead to stack overflow and potential RCE
Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple IDs and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To work around this...
CVE-2025-62507
CVE-2025-62507 affects Redis Open Source. In Redis versions 8.2.0 and above, the XACKDEL command can trigger a stack-based buffer overflow, potentially enabling remote code execution. The issue is fixed in Redis 8.2.3; remediation guidance includes upgrading to 8.2.3 or applying ACLs to restrict ...
Fuji Electric Monitouch V-SFT-6 (Update A)
RISK EVALUATION: Successful exploitation of these vulnerabilities could crash the accessed device; a buffer overflow condition may allow remote code execution. 2. RECOMMENDED PRACTICES: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive...
CVE-2025-47360
CVE-2025-47360 affects an Automotive Software platform based on QNX. The issue is memory corruption (described as a stack-based buffer overflow) occurring while processing client messages during device management, with local attack vector and high impact on confidentiality, integrity, and availab...
OSV-2025-876 Stack-buffer-overflow in snmp_input
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=457106694. Crash type: Stack-buffer-overflow READ 8. Crash state: snmp_input snmpparsetrapfuzzer.c...
PT-2025-44927
Name of the Vulnerable Software and Affected Versions: Automotive Software platform based on QNX, affected versions not specified. Description: A memory corruption issue exists when processing client messages during device management. This is a stack-based buffer overflow. Recommendations: At the...