72402 matches found
CLSA-2026-1779356468 vim: Fix of 2 CVEs
CVE-2022-2343: heap-buffer-overflow in inscompladdinfercase on long line with 'infercase' upstream vim 9.0.0045 - CVE-2022-3296: stack underflow in exfinally / exendtry when :finally lacks an enclosing :try upstream vim 9.0.0577...
CVE-2026-39461 select(2) file descriptor set overflow causes stack overflow
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
CVE-2026-39461 select(2) file descriptor set overflow causes stack overflow
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
CVE-2026-39461
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
EUVD-2026-31258
libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024. An attacker able to cause an...
CVE-2026-39461
The CVE-2026-39461 issue affects libcasper(3), which communicates with helper processes over UNIX domain sockets and uses select(2) to wait for data. The problem is that it does not verify that its socket descriptor fits within FD_SETSIZE (1024), potentially allowing an application that opens man...
CVE-2026-45250
The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...
CVE-2026-45232
A flaw was found in rsync. A network attacker can exploit an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function by sending a malformed HTTP proxy response. This occurs when the RSYNCPROXY environment variable is set and the attacker sends a response line o...
CVE-2026-45250
CVE-2026-45250 concerns a stack buffer overflow in the FreeBSD kernel arising from setcred(2). The unprivileged user can trigger a copyin into a fixed-size kernel-stack array before validating the number of supplementary groups, causing a stack overflow when the list is large. This allows an unpr...
CVE-2026-45250 Stack buffer overflow via setcred(2)
The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...
CVE-2026-45250 Stack buffer overflow via setcred(2)
The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...
CVE-2026-45250
The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...
EUVD-2026-31252
The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...
CVE-2026-44056
A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...
CVE-2026-44048
A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...
Rsync < 3.4.3 Off-by-One Stack Write via HTTP Proxy
...
CVE-2026-44056 Stack buffer overflow in desktop.c
A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...
CVE-2026-44056 Stack buffer overflow in desktop.c
A stack-based buffer overflow in desktop.c in Netatalk 1.3 through 4.2.2 allows a remote authenticated attacker to cause a denial of service, obtain limited information, or modify limited data...
CVE-2026-44048 Stack buffer overflow via UCS-2 type confusion in convert_charset()
A stack-based buffer overflow via UCS-2 type confusion in convertcharset in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service...
CVE-2026-44048
Netatalk 2.0.4–4.4.2 is affected by a stack-based buffer overflow due to UCS-2 type confusion in convert_charset(). Affected variants can allow a remote authenticated attacker to execute arbitrary code or cause a denial of service; the issue is fixed in Netatalk 4.4.3. Debian notes the vulnerabil...