SUSE-SU-2026:0910-1 Security update for vim

This update for vim fixes the following issues: Update Vim to version 9.2.0110: - CVE-2025-53906: Fixed that malicious zip archive may cause a path traversal in Vim's zip bsc1246602. - CVE-2026-26269: Fixed Netbeans specialKeys stack buffer overflow bsc1258229. - CVE-2026-28417: Fixed that a...

Tenda i12 安全漏洞

The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. Version 1.0.0.113862 of the Tenda i12 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters index and wlradio, which may lead to a stack buffer overflow atta...

Tenda CX12L 安全漏洞

The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/webExcptypemanFilter, which may lead to a stack buff...

ImageMagick < 6.9.13-43 / 7.x < 7.1.2-18 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-43 and 7.x prior to 7.1.2-18. It is, therefore, affected by multiple vulnerabilities: - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an...

EUVD-2026-17688

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function...

CVE-2026-34555

Technical specifics (affected products/versions/vector details) are not publicly provided in the supplied documents. The entry notes a stack-buffer-overflow in iccDEV CIccTagFixedNum::GetValues() prior to 2.3.1.6 and a patch in 2.3.1.6.

Tenda CH22 安全漏洞

The Tenda CH22 is a network device produced by the Chinese company Tenda. Version 1.0.0.1 of the Tenda CH22 contains a security vulnerability. This vulnerability arises from incorrect handling of the parameter “mitlinktype” in the file/goform/QuickIndex, which may lead to a stack buffer overflow...

D-Link多款产品 安全漏洞

D-Link DNS-320, etc., are products of D-Link Corporation, a Chinese company. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-320L is also a NAS device. The D-Link DNS-120 is a network storage adapter. Several D-Link products have security vulnerabilities, which stem fr...

PT-2026-29390

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities; these vulnerabilities were caused by specially crafted ICC configuration files that could lead to stack buffer overflo...

CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...

Belkin F9K1122 安全漏洞

The Belkin F9K1122 is a WiFi signal extender produced by the Canadian company Belkin. The version 1.00.33 of the Belkin F9K1122 contains a security vulnerability. This vulnerability stems from improper handling of the webpage parameter in the file/goform/formCrossBandSwitch, which may lead to a...

EUVD-2016-10850

iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...

UBUNTU-CVE-2016-20048

iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...

CVE-2016-20042 TRN 3.6-23 Stack Buffer Overflow Local Code Execution

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the...

SUSE CVE-2026-33536

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds...

Varaneckas JAD Java Decompiler 缓冲区错误漏洞

Varaneckas JAD Java Decompiler is a tool developed by Varaneckas Corporation that decompiles Java bytecode into readable source code. Versions of Varaneckas JAD Java Decompiler 1.5.8e-1kali1 and earlier contained a buffer error vulnerability. This vulnerability stemmed from a stack buffer overflo...

Flat Assembler 缓冲区错误漏洞

Flat Assembler is an assembly language compiler developed by Tomasz Grysztar, designed to work on multiple platforms. Version 1.71.21 of Flat Assembler contains a buffer overflow vulnerability. This vulnerability stems from a stack buffer overflow, which could allow local attackers to execute...

PT-2026-28231

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 8150 bytes to overflow the stack, overwrite return...

SC 缓冲区错误漏洞

SC is a software developed by SC OpenSource. Version 7.16 of SC contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code...