RUSTSEC-2026-0156 Bad-free in `MetaCallException::new`

exceptionstruct is a local stack variable, but the code passes its address to the C language as &mut exceptionstruct as mut as mut cvoid. Then, the returned MetaCallException value is stored here: rust OkSelf exceptionstruct: Arc::newexceptionstruct, value: exceptionptr, leak: false, Because leak...

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 ██████╗██╗ ██╗███████╗ ██╗ ██╗ ██╗...

CVE-2026-10206

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

CVE-2026-10206 D-Link DI-8400 dbsrv.asp stack-based overflow

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

CVE-2026-10206

CVE-2026-10206 affects D-Link DI-8400 with vulnerability in /dbsrv.asp (unknown function) where manipulation of the argument str causes a stack-based buffer overflow. Exploitation is remote and the exploit is public. Connected sources confirm affected device and vulnerable component but do not pr...

EUVD-2026-33528

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

CVE-2026-10206 D-Link DI-8400 dbsrv.asp stack-based overflow

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

PT-2026-45517

microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw to header function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function uses strcpy to copy...

PT-2026-48693

exception struct is a local stack variable, but the code passes its address to the C language as &mut exception struct as mut as mut c void. Then, the returned MetaCallException value is stored here: rust OkSelf exception struct: Arc::newexception struct, value: exception ptr, leak: false, Becaus...

Assimp 安全漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from incorrect handling of the parameter num.total in the...

Assimp 安全漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from issues with the Assimp::MDL::HalfLife::HL1MDLLoader::readanimations...

Assimp 安全漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contain security vulnerabilities, which stem from issues with the HL1MDLLoader::readmeshes function in the HL1MDLLoader.cpp file. These...

D-Link DI-8400 安全漏洞

The D-Link DI-8400 is a wireless router produced by D-Link Corporation. The D-Link DI-8400, versions 16.07.26A1 and earlier, contained a security vulnerability. This vulnerability stemmed from a stack buffer overflow in the /dbsrv.asp file, which could allow a remote attacker to execute arbitrary...

microtar 安全漏洞

microtar is a lightweight ANSI C language tar library developed by rxi’s individual developers. Versions of microtar 0.1.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the rawtoheader function using strcpy to copy fields in the ustar format that are not empty...

OETIKER+PARTNER RRDtool 安全漏洞

OETIKER+PARTNER RRDtool is a time-series data storage and plotting system developed by OETIKER+PARTNER Inc. There is a security vulnerability in OETIKER+PARTNER RRDtool; this vulnerability stems from a stack buffer overflow issue. It could allow local attackers to cause the daemon process to cras...

H3C Magic B0 安全漏洞

H3C Magic B0 is a small wireless router produced by H3C Corporation. The H3C Magic B0 100R002 and earlier versions have security vulnerabilities. These vulnerabilities stem from improper handling of parameters in the function SetMobileAPInfoById within the file/goform/aspForm, which may lead to a...

PT-2026-45421

A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has be...

PT-2026-45607

A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is now public and may be used...

ArmCode Arm Whois 安全漏洞

ArmCode Arm Whois is a web information query tool developed by ArmCode Corporation. Version 3.11 of ArmCode Arm Whois contains a security vulnerability. This vulnerability stems from a stack buffer overflow, which could allow remote attackers to execute arbitrary code by providing excessive input...

UTT HiPER 1200GW 安全漏洞

UTT HiPER 1200GW is a wireless gateway device developed by UTT Corporation. Versions of UTT HiPER 1200GW prior to 2.5.3-170306 contained security vulnerabilities. These vulnerabilities were caused by incorrect parameter handling in the strcpy function within the file/goform/formFireWall, which...