Lucene search
K

24 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 3:50 p.m.7 views

CVE-2026-54297

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nestin...

7.5CVSS5.9AI score0.00391EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/06/18 8:51 a.m.3 views

SUSE-SU-2026:2444-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When...

9.8CVSS6.3AI score0.00715EPSS
Exploits3References20
OSV
OSV
added 2026/05/14 2:16 p.m.12 views

ALPINE-CVE-2026-6477

Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...

8.8CVSS6AI score0.00464EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.7 views

多款D-Link产品安全漏洞

D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have security vulnerabilities, which stem from...

9CVSS7.7AI score0.007EPSS
Exploits1References5
OSV
OSV
added 2026/01/07 10:15 p.m.9 views

AZL-74006 CVE-2025-13151 affecting package gnutls for versions less than 3.8.3-8

Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1expendoctetstring...

7.5CVSS6.4AI score0.01109EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Staging: media: atomisp: Fixed a stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable, and the EFI variable is larger than the expected buffer size, two behaviors combine to cause a stack buffer...

7.8CVSS6.2AI score0.00191EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/27 11:32 a.m.14 views

CVE-2025-11012

A vulnerability was determined in BehaviorTree up to 4.7.0. This affects the function ParseScript of the file /src/scriptparser.cpp of the component Diagnostic Message Handler. Executing manipulation of the argument errormsgsbuffer can lead to stack-based buffer overflow. The attack can only be...

5.3CVSS6.9AI score0.00225EPSS
Exploits1References1
OSV
OSV
added 2025/09/22 4:15 a.m.4 views

UBUNTU-CVE-2025-59799

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...

5.5CVSS6.2AI score0.00188EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/05/13 1:37 p.m.2 views

Security update for expat

This update for expat fixes the following issues: Version update to 2.7.1: Bug fixes: 980 989 Restore event pointer behavior from Expat 2.6.4 that the fix to CVE-2024-8176 changed in 2.7.0; affected API functions are: - XMLGetCurrentByteCount - XMLGetCurrentByteIndex - XMLGetCurrentColumnNumber -...

8.7CVSS10AI score0.19433EPSS
Exploits4References40
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit allocation of the cpumask variable on the stack. For the CONFIGCPUMASKOFFSTACK=y kernel configuration, explicit allocation of the cpumask variable on the stack is not recommended, as it may lead to a...

7.3CVSS6.4AI score0.00223EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.2 views

kernel: netfilter: nf_tables: prefer nft_chain_validate

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection because a cycle will result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

7.8CVSS6.8AI score0.0032EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/10/25 6:17 p.m.6 views

CVE-2023-46559

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr...

9.8CVSS5.8AI score0.00807EPSS
Exploits1References3
Veracode
Veracode
added 2023/08/24 9:21 a.m.20 views

Denial Of Service (DoS)

libsass.so is vulnerable to Denial Of Service DoS. The vulnerability exists in CompoundSelector::hasrealparentref at astselectors.cpp due to a stack overflow which allows an attacker to cause an application crash...

8.8CVSS6.9AI score0.00782EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2023/08/22 7:16 p.m.1 views

DEBIAN-CVE-2022-43357

Stack overflow vulnerability in astselectors.cpp in function Sass::CompoundSelector::hasrealparentref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service DoS. Also affects the command line driver for libsass, sassc 3.6.2...

7.5CVSS7.3AI score0.01252EPSS
Exploits1References1
Prion
Prion
added 2022/12/30 9:15 p.m.15 views

Stack overflow

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTEUSER parameter in the getaccess sub45AC2C function...

7.5CVSS9.6AI score0.00873EPSS
Exploits1References1Affected Software1
Veracode
Veracode
added 2022/04/27 5:56 a.m.23 views

Buffer Overflow

libgpac.so is vulnerable to buffer overflows. The vulnerability exists in diSTboxread in boxcode3gpp.c because when gpac parses an mp4 file, the video content and the buffer length is controllable by the user which causes a stack overflow...

7.8CVSS5.2AI score0.00963EPSS
Exploits1References5Affected Software2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2019:0876-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.01178EPSS
Exploits0References2
OSV
OSV
added 2021/01/13 12:1 a.m.9 views

OSV-2017-24 Heap-buffer-overflow in pnm_type_find

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4039 Crash type: Heap-buffer-overflow READ 1 Crash state: pnmtypefind gsttypefindfactorycallfunction gsttypefindhelperfordata...

7.2AI score
Exploits0References1
Prion
Prion
added 2018/08/27 3:29 p.m.21 views

Buffer overflow

An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on...

9CVSS9.6AI score0.01753EPSS
Exploits2References1Affected Software1
Hacker One
Hacker One
added 2017/01/06 8:17 p.m.20 views

shopify-scripts: SIGSEGV - mrb_vm_exec - vm.c in line:1272

PoC: ------------------- The following code triggers the bug attached as testmrbvmexec1272.rb: a,a,a,a=0,def e end a Sandbox: ------------------- x@x:/Desktop/research/mruby-engine/bin$ ./sandbox testmrbvmexec1272.rb ./sandbox:20: BUG Segmentation fault at 0x00000000000018 ruby 2.2.6p396 2016-11-...

Exploits0
Rows per page
Query Builder