CVE-2025-48060

CVE-2025-48060 affects jq up to version 1.7.1, where a heap-buffer-overflow in the jv_string_vfmt path can crash the process when formatting strings (OSS-Fuzz harness). The issue is triggered in jq_fuzz_execute and references malloc in jv.c. As of publication, no patch existed in the initial desc...

CVE-2025-48060 AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...

Exploit for CVE-2025-40634

CVE-2025-40634 The TP-Link Archer AX50 router is vulnerable t...

PT-2025-29035

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A stack buffer overflow issue was identified in the Bluetooth btintel driver. The vulnerability occurs when the EFI variable size exceeds the size of the btintel dsbr structure. The fi...

PT-2025-22127 · Tp Link · Tp-Link Archer C50

Name of the Vulnerable Software and Affected Versions: TP-Link Archer AX50 versions prior to 1.0.15 build 241203 rel61480 Description: The issue is a stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router. This vulnerability allo...

CVE-2025-47758

CVE-2025-47758 concerns Fuji Electric V-SFT. Affected: V-SFT versions 6.2.5.0 and earlier. Vulnerability: a stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name when parsing specially crafted V7/V8 files. Impact: crash, information disclosure, and arbitrary code execution as de...

D-Link DI-8100 Stack Buffer Overflow Vulnerability

The D-Link DI-8100 is a network device designed to provide network connectivity and management capabilities. The D-Link DI-8100 suffers from a stack buffer overflow vulnerability that stems from insufficient handling of the parameters defmax/deftime/deftcpmax/deftcptime/defudpmax/defudptime/defic...

CVE-2025-4892

A vulnerability was found in code-projects Police Station Management System 1.0. It has been declared as critical. Affected by this vulnerability is the function criminal::remove of the file source.cpp of the component Delete Record. The manipulation of the argument No leads to stack-based buffer...

CVE-2025-4810

CVE-2025-4810 affects Tenda AC7 (firmware 15.03.06.44) with the vulnerability in the function formSetRebootTimer in /goform/SetRebootTimer. The argument reboot_time can overflow a stack-based buffer, enabling a remote attack. Public exploit disclosure is indicated. Documentation consistently spec...

IBM Java 7.1 < 7.1.5.26 / 8.0 < 8.0.8.45

The version of IBM Java installed on the remote host is 7.1 prior to 7.1.5.26 / 8.0 prior to 8.0.8.45. It is, therefore, affected by a vulnerability as referenced in the IBM Security Update May 2025 advisory. - In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based...

CVE-2025-32756

A stack-based buffer overflow vulnerability CWE-121 vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8,...

Moderate: Red Hat Security Advisory: corosync security update

An update for corosync is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Intel PROSet/Wireless WiFi 安全漏洞

Intel PROSet/Wireless WiFi is a wireless network card driver from Intel Corporation USA. A security vulnerability exists in Intel PROSet/Wireless WiFi versions prior to 23.100, which originates from a stack buffer overflow that could result in a denial of service...

Schneider Electric EcoStruxure Power Build Rapsody 安全漏洞

Schneider Electric EcoStruxure Power Build Rapsody is a power monitoring platform from Schneider Electric France. Schneider Electric EcoStruxure Power Build Rapsody suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to achieve arbitrary code execution on an...

ROS-2-643

2.643 Vulnerability in PPPD CVE-2020-8597 1. Vulnerability Description: The issue CVE-2020-8597 is a stack buffer overflow vulnerability resulting from a logic error in the EAP Extensible Authentication Protocol packet parser in PPPD eaprequest and eapresponse functions in eap.c. The vulnerabilit...

ALSA-2025:7478 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orftokenendianconvert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

Siemens SCALANCE LPE9403 缓冲区错误漏洞

Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing from Siemens. It is used to capture, collect and pre-process industrial field data. The Siemens SCALANCE LPE9403 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to...

ALSA-2025:7201 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orftokenendianconvert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Stack buffer overflow from 'orftokenendianconvert' CVE-2025-30472 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and oth...

CVE-2025-1533

A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may leading to a system crash BSOD or other potentially undefined execution. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory f...