CLSA-2026-1777465067 binutils: Fix of CVE-2021-3826

CVE-2021-3826: fix heap/stack buffer overflow in libiberty d-demangle dlangsymbolbackref...

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-0206

The CVE describes a post-authentication stack-based buffer overflow in SonicOS that allows a remote attacker to crash a firewall. Affected component: SonicOS (firewall platform). Root cause: stack-based overflow after authentication. Impact: denial of service via crash; no confidentiality/integri...

EUVD-2026-26256

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

CVE-2026-7111

Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...

CVE-2026-36837

TOTOLINK A3002RU V3 = V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the hostname parameter in the formMapDelDevice function...

EUVD-2026-26237

Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...

CVE-2026-7111

Text::CSV_XS for Perl prior to 1.62 is affected by a use-after-free when callbacks extend the Perl argument stack. The Parse, print, getline, and getline_all methods cache the stack pointer across calls; if a callback triggers stack reallocation, a stale pointer is used to write a return value, c...

CVE-2026-7111

Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...

CVE-2026-7111 Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption

Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...

CVE-2026-7111

Text::CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getlineall methods invoke registered callbacks for example afterparse, beforeprint, or...

JLSEC-2026-297

HDF5 through 1.14.3 contains a stack buffer overflow in H5Rdecodeheap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-291

HDF5 through 1.14.3 contains a stack buffer overflow in H5FLarrmalloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-304

HDF5 Library through 1.14.3 allows stack consumption in the function H5Eprintfstack in H5Eint.c...

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2025-15467 DESCRIPTION: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact...

Security Bulletin: IBM Engineering Lifecycle Management - Jazz Foundation is impacted by vulnerabilities in Json-smart

Summary A vulnerability has been identified in Json-smart library, which is used in IBM Engineering Lifecycle Management - Jazz Foundation. Vulnerability Details CVEID:CVE-2023-1370 DESCRIPTION:Json-smart is a performance focused, JSON processor lib. When reaching a ‘‘ or ‘‘ character in the JSON...

BIT-THRIFT-2026-41606 Apache Thrift: c_glib dispatch stack overflow

Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

squid: Fix of 3 CVEs

CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...