74772 matches found
H3C Magic R300-2100M - Remote Code Execution
H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. id: CVE-2023-33629 info: name: H3C Magic R300-2100M - Remote Code Execution author: DhiyaneshDK severity: high description: | H3C Magic R300 version...
CVE-2026-13713
CVE-2026-13713 affects YAML::Syck before 1.47 (Perl). The issue is a use-after-free/double-free caused by redefining or removing an anchor: syck_hdlr_add_anchor and syck_hdlr_remove_anchor free the node under that name, which may still reside on the parser’s value stack. When the same node is fre...
CVE-2026-13713 YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack
YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...
Microweber < 1.2.11 - CRLF Injection
CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. id: CVE-2022-0666 info: name: Microweber 1.2.11 - CRLF Injection author: ritikchaddha severity: high description: | CRLF Injection leads to Sta...
EUVD-2026-44848
A stack overflow in the evaluate function editors/awk.c of BusyBox commit 371fe9 allows attackers to cause a Denial of Service DoS via supplying a crafted AWK script...
CVE-2026-38752
A stack overflow in the evaluate function editors/awk.c of BusyBox commit 371fe9 allows attackers to cause a Denial of Service DoS via supplying a crafted AWK script...
CVE-2026-58658 GPUStack Unauthenticated Information Disclosure via Worker Endpoints
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port...
CVE-2026-58658
Summary. CVE-2026-58658 affects GPUStack up to version 2.2.1 and was fixed by commit 4e20551. An unauthenticated attacker can abuse unprotected /serveLogs and /debug endpoints on the worker port to disclose sensitive information and configure logs. Specifically, attackers can enumerate model inst...
libxml2 security update
An update is available for libxml2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...
RLSA-2026:39317 Low: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling CVE-2025-6170 For more details about the security issues, including the impact, a CVSS score,...
libxml2 security update
An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...
CVE-2026-38752
A stack overflow in the evaluate function editors/awk.c of BusyBox commit 371fe9 allows attackers to cause a Denial of Service DoS via supplying a crafted AWK script...
PT-2026-60312
Name of the Vulnerable Software and Affected Versions BusyBox affected versions not specified Description A stack overflow occurs in the evaluate function editors/awk.c when processing a specially crafted AWK script, which can lead to a Denial of Service DoS. A stack overflow is a condition where...
CVE-2026-38752
Affected software: BusyBox. Vulnerability location: evaluate() in editors/awk.c, commit 371fe9. Issue: stack overflow that can cause a Denial of Service when given a crafted AWK script. Impact: DoS; CVSS indicates high availability impact with network attack vector and no privileges. Evidence not...
Low: Red Hat Security Advisory: libxml2 security update
An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
CVE-2026-47971
Media Encoder is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...
Low: Red Hat Security Advisory: libxml2 security update
An update for libxml2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
capstone: Capstone: Memory corruption via unchecked vsnprintf return
A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStreamconcat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achie...
CVE-2026-47477
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a stack-based buffer overflow. A successful exploit of this vulnerability might lead to denial of service...