22 matches found
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit allocation of the cpumask variable on the stack. For the CONFIG_CPUMASK_OFFSTACK=y kernel configuration, explicit allocation of the cpumask variable on the stack is not recommended, as it may cause a...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: media: atomisp: Fixed a stack buffer overflow in gmin_get_var_int(). When gmin_get_config_var() calls efi.get_variable(), and the EFI variable is larger than the expected buffer size, two behaviors combine to cause a stack buffer...
ALPINE-CVE-2026-6477
Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets(), PQfn(..., result_is_int=0, ...) stores arbitrary-lengt...
Security vulnerabilities in multiple D-Link products
D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have security vulnerabilities, which stem from...
AZL-74006 CVE-2025-13151 affecting package gnutls for versions less than 3.8.3-8
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...
CVE-2025-11012
A vulnerability was determined in BehaviorTree up to 4.7.0. This affects the function ParseScript of the file /src/scriptparser.cpp of the component Diagnostic Message Handler. Executing manipulation of the argument errormsgsbuffer can lead to stack-based buffer overflow. The attack can only be...
UBUNTU-CVE-2025-59799
Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value...
Security update for expat
This update for expat fixes the following issues: Version update to 2.7.1: Bug fixes: #980 #989 Restore event pointer behavior from Expat 2.6.4 (that the fix to CVE-2024-8176 changed in 2.7.0); affected API functions are: - XML_GetCurrentByteCount - XML_GetCurrentByteIndex - XML_GetCurrentColumnNumber -...
kernel: netfilter: nf_tables: prefer nft_chain_validate
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prefer nft_chain_validate. nft_chain_validate already performs loop detection because a cycle will result in a call stack overflow (ctx->level >= NFT_JUMP_STACK_SIZE). It also follows maps via ->validate callback in...
CVE-2023-46559
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr...
Denial Of Service (DoS)
libsass.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in CompoundSelector::has_real_parent_ref at ast_selectors.cpp due to a stack overflow which allows an attacker to cause an application crash...
DEBIAN-CVE-2022-43357
Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2...
Stack overflow
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTE_USER parameter in the get_access (sub_45AC2C) function...
Buffer Overflow
libgpac.so is vulnerable to buffer overflows. The vulnerability exists in diST_box_read in box_code_3gpp.c because when gpac parses an mp4 file, the video content and the buffer length are controllable by the user, which causes a stack overflow...
SUSE: Security Advisory (SUSE-SU-2019:0876-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OSV-2017-24 Heap-buffer-overflow in pnm_type_find
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4039 Crash type: Heap-buffer-overflow READ 1 Crash state: pnm_type_find gst_type_find_factory_call_function gst_type_find_helper_for_data...
Buffer overflow
An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on...
shopify-scripts: SIGSEGV - mrb_vm_exec - vm.c in line:1272
PoC: ------------------- The following code triggers the bug attached as testmrbvmexec1272.rb: a,a,a,a=0,def e end a Sandbox: ------------------- x@x:/Desktop/research/mruby-engine/bin$ ./sandbox testmrbvmexec1272.rb ./sandbox:20: BUG Segmentation fault at 0x00000000000018 ruby 2.2.6p396 2016-11-...
MP3-CD-Converter-Professional-5.3.0
Exploit Title: MP3 CD Converter Professional Universal DEP Bypass Exploit Date: 11\08\2011 Author: C4SS!0 G0M3S Software Link: http://www.mp3-cd-converter.com/mp3cdconverter.exe from struct import pack from time import sleep from sys import exit print ''' Created By C4SS!0 G0M3S E-mail...
Gentoo Security Advisory GLSA 200709-12 (poppler)
The remote host is missing updates announced in advisory GLSA 200709-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...