
74149 matches found

OSV
added 2026/03/26 7:49 p.m., 7 views

CVE-2026-33532 yaml is vulnerable to Stack Overflow via deeply nested YAML collections

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

CVSS 4.3 | AI score 6.2 | EPSS 0.00469
Exploits: 1 | References: 6

Snyk
added 2026/03/26 7:14 p.m., 5 views

Out-of-bounds Write

Overview: Magick.NET-Q16-AnyCPU is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 5.9 | AI score 6.4 | EPSS 0.00128
Exploits: 0 | References: 3

Snyk
added 2026/03/26 7:14 p.m., 5 views

Out-of-bounds Write

Overview: Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

CVSS 5.9 | AI score 6.4 | EPSS 0.00128
Exploits: 0 | References: 3

Github Security Blog
added 2026/03/26 7:14 p.m., 8 views

ImageMagick has an Out-of-bounds Write via InterpretImageFilename

Due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write. ================================================================= ==48558==ERROR: AddressSanitizer: stack-buffer-overflow o...

CVSS 5.1 | AI score 6 | EPSS 0.00128
Exploits: 0 | References: 3 | Affected Software: 17

OSV
added 2026/03/26 7:14 p.m., 2 views

GHSA-8793-7XV6-82CF ImageMagick has an Out-of-bounds Write via InterpretImageFilename

Due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write. ================================================================= ==48558==ERROR: AddressSanitizer: stack-buffer-overflow o...

CVSS 5.1 | AI score 6.1 | EPSS 0.00128
Exploits: 0 | References: 3

Snyk
added 2026/03/26 7:14 p.m., 5 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write due to an incorrect return value on certain platforms, which causes a pointer to be incremented past the end of a stack buffer in the InterpretImageFilename function. An attacker can cause a denial of service or...

CVSS 5.9 | AI score 6.4 | EPSS 0.00128
Exploits: 0 | References: 3

Snyk
added 2026/03/26 7:14 p.m., 4 views

Out-of-bounds Write

Overview: Magick.NET-Q16-arm64 is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 5.9 | AI score 6.4 | EPSS 0.00128
Exploits: 0 | References: 3

Vulnrichment
added 2026/03/26 6:39 p.m., 2 views

CVE-2026-33491 Zen-C has Stack-Based Buffer Overflow in Identifier Mangling

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

CVSS 7.8 | AI score 6.6 | EPSS 0.00239
Exploits: 1 | References: 1

CVE
added 2026/03/26 6:39 p.m., 6 views

CVE-2026-33491

Zen C compiler before v0.4.4 is vulnerable to a stack-based buffer overflow in identifier mangling. A specially crafted Zen C source (.zc) with excessively long struct, function, or trait identifiers can cause a compiler crash or potentially allow arbitrary code execution. The issue affects Zen C...

CVSS 7.8 | AI score 6.6 | EPSS 0.00239
Exploits: 1 | References: 1 | Affected Software: 1

ATTACKERKB
added 2026/03/26 6:39 p.m., 2 views

CVE-2026-33491

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

CVSS 7.8 | AI score 6.6 | EPSS 0.00239
Exploits: 1 | References: 2 | Affected Software: 1

EUVD
added 2026/03/26 6:39 p.m., 8 views

EUVD-2026-16319

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

CVSS 7.8 | AI score 6.6 | EPSS 0.00239
Exploits: 1 | References: 1

OSV
added 2026/03/26 6:39 p.m., 5 views

CVE-2026-33491 Zen-C has Stack-Based Buffer Overflow in Identifier Mangling

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

CVSS 7.8 | AI score 6.5 | EPSS 0.00239
Exploits: 1 | References: 3

SUSE Linux
added 2026/03/26 6:5 p.m., 5 views

Security update for vim

This update for vim fixes the following issues: Update Vim to version 9.2.0110: CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602). CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229). CVE-2026-28417: crafted URL parsed by netrw plugin can...

CVSS 5.4 | AI score 6.4 | EPSS 0.01162
Exploits: 1 | References: 12

NVD
added 2026/03/26 5:16 p.m., 4 views

CVE-2026-27814

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race (C++ UB) triggered when a 1-phase ↔ 3-phase switch request (acswitchthreephaseswhilecharging) during charging/waiting executes concurrently with the state machine loop. Version 2026.02.0 contains a patch...

CVSS 4.2 | EPSS 0.00134
Exploits: 0 | References: 1

EUVD
added 2026/03/26 4:19 p.m., 3 views

EUVD-2026-16218

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is a CSMS GetLog/UpdateFirmware request (network) with an EVSE fault event (physical). This results in TSAN reports of concurrent access (data race) to eventqueue...

CVSS 7 | AI score 5.8 | EPSS 0.0014
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:19 p.m., 3 views

CVE-2025-70245

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizardSelectMode...

CVSS 9.8 | AI score 6 | EPSS 0.00595
Exploits: 1 | References: 1

RedhatCVE
added 2026/03/26 3:18 p.m., 3 views

CVE-2026-25823

HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 have a stack buffer overflow that leads to a Denial of Service, which can also be exploited to achieve Unauthenticated Remote Code Execution...

CVSS 9.8 | AI score 6 | EPSS 0.00725
Exploits: 0 | References: 1

RedhatCVE
added 2026/03/26 3:18 p.m., 5 views

CVE-2026-30006

XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...

CVSS 6.2 | AI score 5.8 | EPSS 0.00158
Exploits: 1 | References: 1

NVD
added 2026/03/26 3:16 p.m., 11 views

CVE-2026-23995

EVerest is an EV charging software stack. Prior to version 2026.02.0, there is a stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to the CAN open routines overflows ifreq.ifr_name, corrupting adjacent stack data and enabling potential code execution. ...

CVSS 8.4 | EPSS 0.00211
Exploits: 1 | References: 1

NVD
added 2026/03/26 3:16 p.m., 4 views

CVE-2026-22593

EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling causes a stack-based buffer overflow when a filename length equals MAXFILENAMELENGTH (100). A crafted filename in the certificate directory can overflow filenamesidx,...

CVSS 8.4 | EPSS 0.00138
Exploits: 1 | References: 1