CVE-2025-2619

CVE-2025-2619 affects D-Link DAP-1620 (firmware 1.03) and targets the check_dws_cookie function in the Cookie Handler’s /storage path. The weakness is a stack-based buffer overflow triggered by improper input length validation, allowing remote exploitation. Multiple sources corroborate critical s...

CVE-2024-13903

CVE-2024-13903 affects quickjs-ng QuickJS up to 0.8.0. The vulnerability targets the JS_GetRuntime function in quickjs.c (component qjs), enabling a stack-based buffer overflow. The issue can be exploited remotely. Upgrade to version 0.9.0 to address the vulnerability; the patch is identified by ...

CVE-2025-26336

Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, versions prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX versions prior to 3.41.200.202209300499, contains a Stack-based Buffer Overflow vulnerability. An unauthenticated...

CVE-2025-26336

Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, versions prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX versions prior to 3.41.200.202209300499, contains a Stack-based Buffer Overflow vulnerability. An unauthenticated...

RHEL 6 / 7 : ruby193-ruby (RHSA-2014:1913)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1913 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVE-2025-29121

CVE-2025-29121 affects Tenda AC6 (V15.03.05.16). The vulnerability arises in the /goform/fast_setting_wifi_set form (form_fast_setting_wifi_set) when the timeZone parameter is processed, causing a stack-based buffer overflow. This is documented across multiple sources (NVD, Red Hat, CNVD/CNNVD va...

Azure Linux 3.0 Security Update: binutils (CVE-2025-0840)

The version of binutils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0840 advisory. - A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects th...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-24928)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24928 advisory. - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in...

CVE-2025-29121

A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fastsettingwifiset file formfastsettingwifiset. Using the timeZone parameter causes a stack-based buffer overflow...

CVE-2025-29121

A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fastsettingwifiset file formfastsettingwifiset. Using the timeZone parameter causes a stack-based buffer overflow...

Progress Software Kemp LoadMaster mangle Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mangle executable. The issue results from the lack of proper...

CVE-2025-2370

A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The...

CVE-2025-2369

A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the atta...

Important: libxml2

Issue Overview: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML...

RHEL 8 : libxml2 (RHSA-2025:2660)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:2660 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Use-After-Free ...

X.Org Server XkbVModMaskText Stack-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the XkbVModMaskText...

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

PT-2025-12495 · D Link · D-Link Dap-1620

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1620 version 1.03 Description: A critical vulnerability has been found in the D-Link DAP-1620, affecting the mod graph auth uri handler function of the Authentication Handler component. This vulnerability leads to a stack-based...

CVE-2025-27168 Illustrator | Stack-based Buffer Overflow (CWE-121)

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-27168 Illustrator | Stack-based Buffer Overflow (CWE-121)

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...