
74139 matches found

CVE
added 2026/03/30 4:59 p.m. | 14 views

CVE-2025-49010

OpenSC before version 0.27.0 is vulnerable to a stack-buffer-overflow write in GET RESPONSE when a crafted USB device or smart card presents specially crafted APDU responses. The attack requires physical access and user/administrator interaction with the token. A fix exists in OpenSC 0.27.0 and l...

CVSS 6.8 | AI score 5.8 | EPSS 0.0013
Exploits 0 | References 2 | Affected Software 1
OSV
added 2026/03/30 4:59 p.m. | 3 views

CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE

OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time a user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires a crafted USB device or smart card that wou...

CVSS 3.8 | AI score 5.8 | EPSS 0.0013
Exploits 0 | References 4
EUVD
added 2026/03/30 3:32 p.m. | 7 views

EUVD-2026-17087

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT and GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paire...

CVSS 3.5 | AI score 5.9 | EPSS 0.00157
Exploits 0 | References 3
EUVD
added 2026/03/30 3:32 p.m. | 6 views

EUVD-2026-17085

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES and LIST_PLAYER_APPLICATION_SETTING_VALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired Bluetooth...

CVSS 3.5 | AI score 6 | EPSS 0.00143
Exploits 0 | References 3
Vulnrichment
added 2026/03/30 2:8 p.m. | 6 views

CVE-2026-28528 BlueKitchen BTstack < 1.8.1 AVRCP Browsing Target GET_FOLDER_ITEMS Handler OOB Read / Undefined Behavior

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Browsing Target GET_FOLDER_ITEMS handler that fails to validate packet boundaries and attribute count data. An attacker with a paired Bluetooth Classic connection can exploit insufficient bounds...

CVSS 4.6 | AI score 5.9 | EPSS 0.00135
Exploits 0 | References 2
CVE
added 2026/03/30 2:8 p.m. | 11 views

CVE-2026-28528

BlueKitchen BTstack

CVSS 4.6 | AI score 5.9 | EPSS 0.00135
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2026/03/30 2:6 p.m. | 20 views

CVE-2026-28526 BlueKitchen BTstack < 1.8.1 AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_* Handlers OOB Read

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES and LIST_PLAYER_APPLICATION_SETTING_VALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired Bluetooth...

CVSS 3.5 | EPSS 0.00143
Exploits 0 | References 2
RedhatCVE
added 2026/03/30 11:4 a.m. | 2 views

CVE-2018-25222

A flaw was found in SC. This stack-based buffer overflow vulnerability allows local attackers to execute arbitrary code. By providing input that exceeds the allocated memory buffer, an attacker can overwrite critical program data, leading to the execution of malicious code within the application'...

CVSS 8.6 | AI score 6.7 | EPSS 0.00141
Exploits 0 | References 2
RedhatCVE
added 2026/03/30 10:54 a.m. | 4 views

CVE-2026-5042

A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch of the file /goform/formCrossBandSwitch of the component Parameter Handler. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be...

CVSS 9 | AI score 6.4 | EPSS 0.00673
Exploits 1 | References 1
RedhatCVE
added 2026/03/30 10:41 a.m. | 4 views

CVE-2018-25220

A flaw was found in Bochs. Attackers can exploit a stack-based buffer overflow vulnerability by providing an oversized input string to the application. This can lead to arbitrary code execution, allowing attackers to run unauthorized commands with the application's privileges...

CVSS 9.8 | AI score 6.4 | EPSS 0.00637
Exploits 1 | References 2
RedhatCVE
added 2026/03/30 10:41 a.m. | 3 views

CVE-2016-20038

A flaw was found in yTree. This vulnerability, a stack-based buffer overflow, allows a local attacker to execute arbitrary code. By supplying an excessively long command-line argument, an attacker can overwrite the program's memory stack, leading to the execution of malicious code within the...

CVSS 8.6 | AI score 6.6 | EPSS 0.00177
Exploits 0 | References 2
RedhatCVE
added 2026/03/30 5:0 a.m. | 4 views

CVE-2026-5024

A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made...

CVSS 9 | AI score 6.4 | EPSS 0.00764
Exploits 1 | References 1
Positive Technologies
added 2026/03/30 12:0 a.m. | 5 views

PT-2026-29026

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GET PLAYER APPLICATION SETTING ATTRIBUTE TEXT and GET PLAYER APPLICATION SETTING VALUE TEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establi...

CVSS 3.5 | AI score 5.9 | EPSS 0.00157
Exploits 0 | References 3
CNNVD
added 2026/03/30 12:0 a.m. | 6 views

Tenda CH22 Security Vulnerability

The Tenda CH22 is a network device produced by the Chinese company Tenda. Version 1.0.0.1 of the Tenda CH22 contains a security vulnerability. This vulnerability stems from an incorrect operation on the parameter “fileNameMit” in the function “formCreateFileName” within the...

CVSS 9 | AI score 7.7 | EPSS 0.0073
Exploits 1 | References 6
CNNVD
added 2026/03/30 12:0 a.m. | 6 views

Tenda CH22 Security Vulnerability

The Tenda CH22 is a network device produced by the Chinese company Tenda. There is a security vulnerability in the version 1.0.0.1/1.If of the Tenda CH22. This vulnerability stems from incorrect operations on the parameter funcname in the functions fromSetCfm of the Component Parameter Handler fi...

CVSS 9 | AI score 7.7 | EPSS 0.00632
Exploits 1 | References 6
Positive Technologies
added 2026/03/30 12:0 a.m. | 5 views

PT-2026-29113

Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1. Description: A buffer overflow exists in the formCreateFileName function located in the file /goform/createFileName. Manipulation of the fileNameMit argument can trigger a stack-based buffer overflow, potentially...

CVSS 9 | AI score 7.6 | EPSS 0.0073
Exploits 1 | References 9
CNNVD
added 2026/03/30 12:0 a.m. | 10 views

BTstack Security Vulnerability

BTstack is an open-source Bluetooth stack implemented by BlueKitchen. Versions of BTstack prior to 1.8.1 contained security vulnerabilities; these vulnerabilities stemmed from out-of-bounds read accesses by the AVRCP controller processing program, which could lead to crashes...

CVSS 5.7 | AI score 5.8 | EPSS 0.00143
Exploits 0 | References 3
CNNVD
added 2026/03/30 12:0 a.m. | 7 views

Tenda CH22 Security Vulnerability

The Tenda CH22 is a network device produced by the Chinese company Tenda. Version 1.0.0.1 of the Tenda CH22 contains a security vulnerability. This vulnerability stems from incorrect handling of the wanmode parameter in the functions of the Parameter Handler component, located in the...

CVSS 9 | AI score 7.7 | EPSS 0.00773
Exploits 1 | References 5
Tenable Nessus
added 2026/03/30 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-5037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in mxml up to 4.0.4. This issue affects the function indexsort of the file mxml-index.c of the component mxmlIndexNew. Executing ...

CVSS 4.8 | AI score 5.8 | EPSS 0.00128
Exploits 0 | References 3
Positive Technologies
added 2026/03/30 12:0 a.m. | 5 views

PT-2026-29143

Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1. Description: A flaw exists in Tenda CH22 version 1.0.0.1 within the Parameter Handler component. Specifically, the fromAdvSetWan function in the /goform/AdvSetWan file is susceptible to a stack-based buffer overflow...

CVSS 9 | AI score 7.7 | EPSS 0.00773
Exploits 1 | References 8