34099 matches found
CVE-2020-37221 Atomic Alarm Clock 6.3 Stack Overflow via SEH Unicode
Atomic Alarm Clock 6.3 contains a stack overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string to the display name textbox in the Time Zones Clock configuration. Attackers can craft a buffer with structured exception handling overwrite and...
CVE-2020-37221 Atomic Alarm Clock 6.3 Stack Overflow via SEH Unicode
Atomic Alarm Clock 6.3 contains a stack overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string to the display name textbox in the Time Zones Clock configuration. Attackers can craft a buffer with structured exception handling overwrite and...
CVE-2020-37221
Atomic Alarm Clock 6.3 contains a stack overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string to the display name textbox in the Time Zones Clock configuration. Attackers can craft a buffer with structured exception handling overwrite and...
CVE-2020-37221
Atomic Alarm Clock 6.3 is affected by a local, stack-overflow vulnerability in the Time Zones Clock configuration display name field. The issue arises from a crafted string causing a SEH overwrite with encoded shellcode, potentially bypassing SafeSEH protections and leading to arbitrary code exec...
vulnerabilities handled in Adobe After Effects
Adobe has identified several vulnerabilities in Adobe After Effects, particularly in versions 26.0, 25.6.4, and earlier versions. These vulnerabilities reside in the way Adobe After Effects processes certain files. There are issues with stack-based buffer overflows, heap-based buffer overflows,...
jq: Stack overflow via unbounded recursion in jv_contains
...
jq: Stack Overflow in Recursive Object Merge
...
GUARDIANWALL MailSuite vulnerable to stack-based buffer overflow
Overview GUARDIANWALL MailSuite provided by Canon Marketing Japan Inc. contains the following vulnerability. Stack-based buffer overflow in pop3wallpasswd command CWE-121 - CVE-2026-32661 This can be exploited only when the product is configured to run pop3wallpasswd with grdnwww user privilege T...
CVE-2026-32661
Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...
CVE-2026-32661
Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...
CVE-2026-32661
Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...
SUSE CVE-2026-41257
jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond 1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for a...
SUSE CVE-2026-43894
jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...
Drive Software Atomic Alarm Clock 安全漏洞
Drive Software Atomic Alarm Clock is a desktop enhancement tool developed by Drive Software. Version 6.3 of Drive Software Atomic Alarm Clock contains a security vulnerability. This vulnerability stems from a stack overflow issue, which could allow local attackers to execute arbitrary code by...
PT-2026-40577
Name of the Vulnerable Software and Affected Versions GUARDIANWALL MailSuite affected versions not specified GUARDIANWALL Mail Security Cloud SaaS version affected versions not specified Description A stack-based buffer overflow allows a remote attacker to execute arbitrary code by sending a...
Canon GUARDIANWALL MailSuite和Canon GUARDIANWALL Mail Security Cloud 安全漏洞
Canon GUARDIANWALL MailSuite and Canon GUARDIANWALL Mail Security Cloud are products of Canon, a Japanese company. Canon GUARDIANWALL MailSuite is an enterprise-level email security and filtering system. Canon GUARDIANWALL Mail Security Cloud is an enterprise-level cloud-based email security...
PT-2026-40622
Atomic Alarm Clock 6.3 contains a stack overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string to the display name textbox in the Time Zones Clock configuration. Attackers can craft a buffer with structured exception handling overwrite and...
CVE-2026-42854
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array VLA on the stack whose size is derived from an attacker-controlled HTTP head...
CVE-2026-42854 arduino-esp32: Stack buffer overflow in WebServer multipart boundary parsing leads to remote crash potential RCE
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array VLA on the stack whose size is derived from an attacker-controlled HTTP head...
CVE-2026-42854 arduino-esp32: Stack buffer overflow in WebServer multipart boundary parsing leads to remote crash potential RCE
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array VLA on the stack whose size is derived from an attacker-controlled HTTP head...