34201 matches found
UBUNTU-CVE-2025-69720
The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyzestring in progs/infocmp.c...
Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to a StackOverflowError CVE-2025-48924
Summary Apache Commons is used by the IBM Datapower Operations Dashboard in their Java components utility operations Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...
EUVD-2006-7234
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
CVE-2006-10003
XML::Parser (Perl) up to version 2.47 contains an off-by-one heap buffer overflow in st_serial_stack, enabling memory corruption and crashes on deeply nested XML. A patched version is available (varies by distro) — Debian fixes 2.46-2+deb11u1 and 2.47-2~deb13u1; RedHat/Debian/Linux advisories als...
CVE-2006-10003
XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in stserialstack. In the case stackptr == stacksize - 1, the stack will NOT be expanded. Then the new value will be written at location ++stackptr, which equals stacksize and therefore falls just outside the allocat...
SUSE-SU-2026:20911-1 Security update for poppler
This update for poppler fixes the following issues: - CVE-2025-11896: infinite recursion leading to stack overflow due to object loop in PDF CMap bsc1252337...
Stack overflow parsing XML with deeply nested DTD content models
...
SUSE CVE-2026-23246
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check linkid in ieee80211mlreconfiguration linkid is taken from the ML Reconfiguration element control & 0x000f, so it can be 0..15. linkremovaltimeout has IEEE80211MLDMAXNUMLINKS 15 elements, so index 15 i...
Important: libtiff
Issue Overview: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144 Affected Packages: libtiff...
Important: compat-libtiff3
Issue Overview: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144 Affected Packages:...
ROS-20260319-73-0036
Vulnerability in vim related to stack buffer overflow. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code...
wolfSSL 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from a stack buffer overflow in the PKCS7 SignedData encoding function. When...
Belkin F9K1122 Stack Buffer Overflow Vulnerability (CNVD-2026-14686)
The Belkin F9K1122 is a WiFi signal extender. The Belkin F9K1122 suffers from a stack buffer overflow vulnerability, which originates from a misbehavior of the webpage parameter of the function formReboot in the file /goform/formReboot, that can be exploited by an attacker to execute arbitrary co...
PT-2026-26380
Name of the Vulnerable Software and Affected Versions OpenWrt Project versions prior to 24.10.6 and versions prior to 25.12.1 Description The OpenWrt Project, a Linux operating system for embedded devices, is affected by a Stack-based Buffer Overflow in the mdns daemon. The issue resides within t...
Amazon Linux 2 : libtiff, --advisory ALAS2-2026-3196 (ALAS-2026-3196)
The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3196 advisory. libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...
PT-2026-26312
A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wc PKCS7 BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available spa...
PX4-Autopilot 安全漏洞
PX4-Autopilot is an open-source drone autopilot system developed by PX4. Versions of PX4-Autopilot prior to 1.17.0-rc2 contained security vulnerabilities. These vulnerabilities were caused by a stack-based buffer overflow issue in the MavlinkLogHandler, which could potentially allow attackers to...
wolfSSL(CyaSSL) 安全漏洞
wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US-based wolfSSL company, designed for developers working with embedded systems. Version 5.8.4 of wolfSSL CyaSSL contains a security vulnerability. This vulnerability stems from a stack buffer overflow issue in...
OpenWrt 安全漏洞
OpenWrt is an open-source Linux operating system designed for embedded devices. Versions prior to OpenWrt 24.10.6 and 25.12.1 contained security vulnerabilities. These vulnerabilities were caused by a stack buffer overflow in the matchipv6addresses function of the mdns daemon, which could lead to...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2026-1641)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...