PT-2026-46553

Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: Medium...

ngtcp2: ngtcp2: Denial of service via stack buffer overflow during QUIC handshake

A flaw was found in ngtcp2, a C implementation of the IETF QUIC Quick UDP Internet Connections protocol. A remote attacker can exploit a stack buffer overflow vulnerability by sending specially crafted, large transport parameters during the QUIC handshake. This occurs when the qlog callback is...

CVE-2026-6477

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

EUVD-2026-34138

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

CVE-2026-35716

A stack-based buffer overflow in the motionprivacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or...

CVE-2026-10629

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

CVE-2026-35717

A stack-based buffer overflow in the exportlanguage.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via a crafted POST request to the /cgi-bin/admin/exportlanguage.cgi endpoint. The handler passes the...

CVE-2026-7453

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

EUVD-2026-34122

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6addrt2node. syzbot reported out-of-bound read in fib6addrt2node. 0 When IPv6 route is created with RTANHID, struct fib6info does not have the trailing struct fib6nh. The cited commit started t...

CVE-2026-35085

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

CVE-2026-35084

A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root...

CVE-2026-35083

A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...

SUSE-SU-2026:2238-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. -...

CVE-2026-35085

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

CVE-2026-35085 Stack buffer overflow in method gdv-serverconfig

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

CVE-2026-35085 Stack buffer overflow in method gdv-serverconfig

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

CVE-2026-35085

CVE-2026-35085 describes a stack buffer overflow in gdv-serverconfig that can be exploited by a remote attacker authenticated with user privileges to achieve full system access as root. The CVE is rated HIGH (CVSS 4.0: 8.7) with NETWORK attack vector, low complexity, and requires low privileges; ...

EUVD-2026-34081

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

CVE-2026-35084 Stack buffer overflow in method dali-devconfig

A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root...

CVE-2026-35084

A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root...