Lucene search
K

34202 matches found

CVE
CVE
added 2026/03/19 9:49 p.m.13 views

CVE-2026-30871

OpenWrt mdns daemon vulnerability (CVE-2026-30871) affects versions prior to 24.10.6 and 25.12.1. A stack-based buffer overflow in parse_question is triggered by PTR queries (reverse DNS: .in-addr.arpa and .ip6.arpa). DNS packets received on UDP port 5353 are expanded by dn_expand into an 8096-by...

9.8CVSS5.9AI score0.01211EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/19 9:49 p.m.4 views

CVE-2026-30871 OpenWrt Project has Stack-based Buffer Overflow in DNS PTR Query

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...

9.5CVSS6AI score0.01211EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/03/19 9:31 p.m.6 views

Scriban has an Infinite Recursion during Object Rendering Leads to Stack Overflow and Process Crash (Denial of Service)

When Scriban renders an object that contains a circular reference, it traverses the object's members infinitely. Because the ObjectRecursionLimit property defaults to unlimited, this behavior exhausts the thread's stack space, triggering an uncatchable StackOverflowException that immediately...

5.9AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/19 9:31 p.m.4 views

GHSA-GRR9-747V-XVCP Scriban has an Infinite Recursion during Object Rendering Leads to Stack Overflow and Process Crash (Denial of Service)

When Scriban renders an object that contains a circular reference, it traverses the object's members infinitely. Because the ObjectRecursionLimit property defaults to unlimited, this behavior exhausts the thread's stack space, triggering an uncatchable StackOverflowException that immediately...

7.5CVSS5.9AI score
Exploits0References3
OSV
OSV
added 2026/03/19 9:30 p.m.3 views

GHSA-WGH7-7M3C-FX25 Scriban has Uncontrolled Recursion in Parser Leads to Stack Overflow and Process Crash (Denial of Service)

Scriban is vulnerable to an uncontrolled process crash resulting in a Denial of Service. Because the recursive-descent parser does not enforce a default limit on expression depth, an attacker who controls template input can craft a heavily nested template that triggers a StackOverflowException. I...

7.5CVSS6AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/03/19 9:30 p.m.5 views

Scriban has Uncontrolled Recursion in Parser Leads to Stack Overflow and Process Crash (Denial of Service)

Scriban is vulnerable to an uncontrolled process crash resulting in a Denial of Service. Because the recursive-descent parser does not enforce a default limit on expression depth, an attacker who controls template input can craft a heavily nested template that triggers a StackOverflowException. I...

6AI score
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/19 9:30 p.m.10 views

EUVD-2026-13231

Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

6.9CVSS6.2AI score0.00444EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 9:17 p.m.2 views

DEBIAN-CVE-2026-3849

Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

9.8CVSS6.1AI score0.00444EPSS
Exploits0References1
NVD
NVD
added 2026/03/19 9:17 p.m.10 views

CVE-2026-3849

Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

9.8CVSS0.00444EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/19 9:17 p.m.7 views

CVE-2026-3849

Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

9.8CVSS6.2AI score0.00444EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 8:29 p.m.2 views

CVE-2026-3849 Buffer Overflow in HPKE via Oversized ECH Config

Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

6.9CVSS6.2AI score0.00444EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/03/19 8:29 p.m.2 views

CVE-2026-3849

Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

9.8CVSS6.2AI score0.00444EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/03/19 8:29 p.m.4 views

CVE-2026-3849

Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client...

9.8CVSS6.1AI score0.00444EPSS
Exploits0
Snyk
Snyk
added 2026/03/19 6:51 p.m.1 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the wcPKCS7BuildSignedAttributes function. An attacker can cause stack or heap memory corruption by providing untrusted input that controls the size of the signedAttribs array, leading to writing beyond th...

7.1CVSS5.9AI score0.00101EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/19 6:31 p.m.7 views

EUVD-2026-13131

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

5.9CVSS6.1AI score0.00101EPSS
Exploits0References2
CVE
CVE
added 2026/03/19 5:45 p.m.15 views

CVE-2026-3548

Two concrete vulnerabilities affect the wolfSSL CRL parser: heap-based and stack-based buffer overflows when parsing CRL numbers, triggered by crafted CRLs and only in builds with CRL support enabled. The issue stems from storing the CRL number as a hexadecimal string, enabling out-of-bounds writ...

9.8CVSS6.2AI score0.00471EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2026/03/19 5:16 p.m.4 views

CVE-2026-0819

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

7.1CVSS6.1AI score0.00101EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 5:16 p.m.3 views

UBUNTU-CVE-2026-0819

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

7.1CVSS6.1AI score0.00101EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/03/19 4:54 p.m.2 views

CVE-2026-0819

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

7.1CVSS5.7AI score0.00101EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/19 4:54 p.m.23 views

CVE-2026-0819 Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

5.9CVSS0.00101EPSS
Exploits0References1
Rows per page
Query Builder