73998 matches found
CVE-2026-6477
Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...
GHSA-337M-MW94-2V6G Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
UBUNTU-CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
CVE-2026-45205 describes an uncontrolled recursion (StackOverflowError) in Apache Commons Configuration when processing untrusted YAML configuration files with cycles. Affected versions are 2.2 prior to 2.15.0; the advisory recommends upgrading to 2.15.0 to fix the issue. Public disclosures acros...
CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
EUVD-2026-30267
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
CVE-2026-45205
Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...
jq: stack overflow in module loading on mutual `include`
...
OSV-2026-728 Stack-buffer-overflow in autoload_external_files
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512622269 Crash type: Stack-buffer-overflow READ 4 Crash state: autoloadexternalfiles loadexternaloptsthread workerthread...
PT-2026-41131
Name of the Vulnerable Software and Affected Versions MongoDB PHP driver affected versions not specified Description A stack exhaustion issue occurs when processing deeply nested BSON Binary JSON documents. This can lead to application crashes in unusual circumstances, specifically when the BSON...
ImageMagick < 6.9.13-46 / 7.x < 7.1.2-21 Stack Buffer Overflow
The remote host has a version of ImageMagick installed that is prior to 6.9.13-46 or 7.x prior to 7.1.2-21. It is, therefore, affected by a stack buffer overflow vulnerability: - A malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to...
Nerdbank.MessagePack 安全漏洞
Nerdbank.MessagePack is a .NET platform-specific MessagePack serialization library developed by Andrew Arnott. Versions of Nerdbank.MessagePack prior to 1.1.62 contained security vulnerabilities. These vulnerabilities stemmed from uncontrolled stack allocation during DateTime decoding. Malicious...
OpenImageIO 缓冲区错误漏洞
OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and supports a wide range of image formats. Versions of OpenImageIO prior to 3.0.18.0 and 3.1.13.0 contained a buffer error vulnerability. This vulnerability stemmed from the RLE...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-019019)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-019019 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Tenable...
MongoDB PHP Driver 安全漏洞
The MongoDB PHP Driver is an open-source driver developed by MongoDB for PHP applications, enabling connection to MongoDB databases. The MongoDB PHP Driver has a security vulnerability that stems from a stack overflow issue when processing deeply nested BSON documents, which may lead to applicati...
PT-2026-40926
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description A stack buffer overflow in the "refint" module allows an...