Xorg: xwayland: Buffer overflow in XkbVModMaskText()

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...

CVE-2025-22082

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iiobackenddebugfswritereg before passing it to sscanf. It is a stack variable so we should not assume it will 0 initialized...

DEBIAN-CVE-2025-22082

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iiobackenddebugfswritereg before passing it to sscanf. It is a stack variable so we should not assume it will 0 initialized...

UBUNTU-CVE-2025-22082

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iiobackenddebugfswritereg before passing it to sscanf. It is a stack variable so we should not assume it will 0 initialized...

CVE-2025-22082

CVE-2025-22082 affects the Linux kernel IIO subsystem: iio_backend_debugfs_write_reg() could pass an uninitialized stack buffer to sscanf() due to missing NULL termination. The root cause is a stack buffer not guaranteed to be 0-initialized, leading to potential uncontrolled reads. The vulnerabil...

CVE-2025-22082 iio: backend: make sure to NULL terminate stack buffer

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iiobackenddebugfswritereg before passing it to sscanf. It is a stack variable so we should not assume it will 0 initialized...

CVE-2025-22082

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iiobackenddebugfswritereg before passing it to sscanf. It is a stack variable so we should not assume it will 0 initialized...

CVE-2025-22082 iio: backend: make sure to NULL terminate stack buffer

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer in iiobackenddebugfswritereg before passing it to sscanf. It is a stack variable so we should not assume it will 0 initialized...

PT-2025-16722 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the iio backend, where a stack buffer was not properly NULL terminated before being passed to the sscanf...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an iio backend that does not properly terminate a stack buffer, potentially resulting in a buffer overflow...

The vulnerability of the libexpat library for analyzing XML files, related to buffer overflow in the stack, allows an attacker to execute arbitrary code on the target system.

The vulnerability of the libexpat library for analyzing XML files involves buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the target system remotely...

D-Link DI-8100 安全漏洞

The D-Link DI-8100 is a broadband router from D-Link designed for small to medium sized network environments. A stack buffer overflow vulnerability exists in the D-Link DI-8100. The vulnerability stems from the authasp function in the /auth.asp file in the jhttpd component not effectively limitin...

The vulnerability of the Windows Telephony Service in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows Telephony Service in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a request to the server...

CVE-2025-3289

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

The vulnerability in the Wayland protocol for X.Org XWayland, which is related to the X.Org Server, a server for the X Window System, arises from buffer overflows in the stack. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Wayland protocol for X.Org XWayland, which is implemented by the X.Org Server, is related to buffer overflows in the stack. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

USN-7346-3 opensc vulnerabilities

USN-7346-1 fixed vulnerabilities in OpenSC. The update introduced a regression which broke smartcard based authentication. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenSC did not correctly handle certain memory operations...

CVE-2025-29988

Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution...

PT-2025-28638 · Git +1 · Tarantool

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software contains a stack-buffer-overflow write issue. The crash state involves the functions snap usedef, lj snap purge, and lj record ins...

PT-2025-15540 · Microsoft · Windows Telephony Service +1

Name of the Vulnerable Software and Affected Versions: Windows Telephony Service affected versions not specified Description: A stack-based buffer overflow in the Windows Telephony Service allows an unauthorized attacker to execute code over a network. Recommendations: At the moment, there is no...

PT-2025-15637

Name of the Vulnerable Software and Affected Versions Nissan Leaf versions manufactured in 2020 affected versions not specified Description A flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue is due to insufficient boundary...