73998 matches found
CVE-2026-44412
A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
CVE-2026-44412
A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
CVE-2026-8234
A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit h...
CVE-2026-1681
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681
CVE-2026-1681 concerns Zephyr RTOS network stack behavior when issuing an ICMP ping via the net ping command to the device’s own IPv4 address. The description states that the destination is treated as local, causing the echo request and echo reply to be processed inline within the same frame, whi...
CVE-2026-1681
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
EUVD-2026-29387
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
OSV-2026-717 Stack-use-after-scope in enter_block_callback
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=511831392 Crash type: Stack-use-after-scope READ 4 Crash state: enterblockcallback mdprocessallblocks mdparse...
NanaZip 安全漏洞
NanaZip is a compression software open source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained security vulnerabilities. These vulnerabilities stemmed from the GetAllPaths function in the UFS/UFS2 file system image parser, which allowed recursive subdirectories without...
HPE Aruba Networking Wireless Operating System 安全漏洞
HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from stack buffer overflows in several underlying...
PT-2026-40224
Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network...
PT-2026-40360
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...
NanaZip 安全漏洞
NanaZip is a compression software open source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained security vulnerabilities. These vulnerabilities stemmed from the recursive, depth-unlimited behavior of the nlohmann::json::parse and GetAllPaths functions in the Electron...
arduino-esp32 安全漏洞
Arduino-ESP32 is an open-source project by Espressif, designed for use with the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6, and ESP32-H2 boards. Versions of Arduino-ESP32 prior to 3.3.8 contained a security vulnerability. This vulnerability stemmed from the WebServer multi-part form parser’s...
PT-2026-40369
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...
PT-2026-40367
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...
Adobe After Effects 安全漏洞
Adobe After Effects is a visual effects and dynamic graphics production software developed by Adobe, Inc. This software is primarily used for 2D and 3D compositing, animation production, and visual special effects. Versions of Adobe After Effects such as 26.0, 25.6.4, and earlier versions have...
PT-2026-40359
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...