
20 matches found

RedhatCVE
added 2026/03/27 5:9 p.m. · 1 views

CVE-2026-26071

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::string concurrent access, with heap-use-after-free possible. This is triggered by EVCCID update EV/ISO15118 and OCPP session/authorization events. Version 2026.02.0 contains a patch...

4.2 CVSS · 5.9 AI score · 0.00006 EPSS
Exploits 0 · References 1

Vulnrichment
added 2026/03/26 2:48 p.m. · 1 views

CVE-2026-26071 EVerest: OCPP 2.0.1 EVCCID Data Race Leads to Heap Use‑After‑Free

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::string concurrent access, with heap-use-after-free possible. This is triggered by EVCCID update EV/ISO15118 and OCPP session/authorization events. Version 2026.02.0 contains a patch...

4.2 CVSS · 5.8 AI score · 0.00006 EPSS
Exploits 0 · References 1

CVE
added 2026/03/26 2:48 p.m. · 4 views

CVE-2026-26071

CVE-2026-26071 – EVerest: The affected product is the EVerest EV charging software stack. Versions prior to 2026.02.0 suffer a data race that allows concurrent access to a std::string, with a possible heap-use-after-free. The issue is triggered by EVCCID updates (EV/ISO15118) and OCPP session/au...

4.2 CVSS · 5.8 AI score · 0.00006 EPSS
Exploits 0 · References 1 · Affected Software 1

ATTACKERKB
added 2026/03/26 2:48 p.m. · 3 views

CVE-2026-26071

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::string concurrent access, with heap-use-after-free possible. This is triggered by EVCCID update EV/ISO15118 and OCPP session/authorization events. Version 2026.02.0 contains a patch...

4.2 CVSS · 5.8 AI score · 0.00006 EPSS
Exploits 0 · References 2 · Affected Software 1

Positive Technologies
added 2025/03/11 12:0 a.m. · 2 views

PT-2025-16979 · NetGear · Netgear R61

Name of the Vulnerable Software and Affected Versions: Netgear R61 version 1.0.1.28 Description: A Buffer Overflow issue allows a remote attacker to execute arbitrary code via the QUERY STRING key value. Recommendations: For version 1.0.1.28, update to a newer version that contains a fix for this...

9.8 CVSS · 7.6 AI score · 0.06336 EPSS
Exploits 1 · References 9

Tenable Nessus
added 2025/03/05 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2023-52464

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow...

7.8 CVSS · 6.1 AI score · 0.00013 EPSS
Exploits 0 · References 3

SUSE CVE
added 2025/01/22 3:49 a.m. · 2 views

SUSE CVE-2024-57930

In the Linux kernel, the following vulnerability has been resolved: tracing: Have process_string also allow arrays In order to catch a common bug where a TRACE_EVENT TP_fast_assign assigns an address of an allocated string to the ring buffer and then references it in TP_printk, which can be executed...

4.7 CVSS · 7.8 AI score · 0.00027 EPSS
Exploits 0 · References 3

OSV
added 2024/11/27 12:15 p.m. · 8 views

CVE-2024-42330

The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. The problem is that the returned strings are created directly from the data returned by the server and are not correctly encoded for JavaScript. This allows to create internal strings that...

9.1 CVSS · 6.6 AI score
Exploits 0 · References 2

Vulnrichment
added 2024/11/26 3:6 p.m. · 13 views

CVE-2024-36463

The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects...

6.5 CVSS · 7.2 AI score · 0.00378 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2024/04/29 12:0 a.m. · 10 views

Fedora 40 : abseil-cpp (2024-bb70b21754)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-bb70b21754 advisory. Update to 20240116.2: fixes possible out-of-bounds string access as described in https://github.com/abseil/abseil-cpp/pull/1650. Tenable has extracted the...

5.6 AI score
Exploits 0 · References 1

CVE
added 2024/02/23 2:46 p.m. · 1455 views

CVE-2023-52464

CVE-2023-52464 affects the Linux kernel EDAC/thunderx driver. The issue is a potential out-of-bounds string access in thunderx_ocx_com_threaded_isr due to repeated use of strncat with an incorrect buffer size, which mimics a strlcat-like pattern but uses the wrong bound. The root cause is the mis...

7.8 CVSS · 7.3 AI score · 0.00013 EPSS
Exploits 0 · References 10 · Affected Software 1

Vulnrichment
added 2024/02/23 2:46 p.m. · 19 views

CVE-2023-52464 EDAC/thunderx: Fix possible out-of-bounds string access

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat: drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':...

6.7 AI score · 0.00013 EPSS
Exploits 0 · References 8

Cvelist
added 2024/02/23 2:46 p.m. · 24 views

CVE-2023-52464 EDAC/thunderx: Fix possible out-of-bounds string access

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat: drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':...

7.7 AI score · 0.00013 EPSS
Exploits 0 · References 8

UbuntuCve
added 2024/02/23 12:0 a.m. · 37 views

CVE-2023-52464

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat: drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':...

7.8 CVSS · 6.3 AI score · 0.00013 EPSS
Exploits 0 · References 24

CNNVD
added 2023/08/30 12:0 a.m. · 1 views

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox that originates when UpdateRegExpStatics attempts to access the initialStringHeap, which may be garbage-collected before it enters the function, which...

6.5 CVSS · 7.5 AI score · 0.00102 EPSS
Exploits 0 · References 14

RedhatCVE
added 2018/01/09 1:20 p.m. · 21 views

CVE-2018-5207

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string...

7.5 CVSS · 4.9 AI score · 0.00525 EPSS
Exploits 0 · References 2

OSV
added 2018/01/06 4:29 p.m. · 18 views

CVE-2018-5207

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string...

7.5 CVSS · 7.2 AI score
Exploits 0 · References 2

Debian CVE
added 2018/01/06 4:0 p.m. · 17 views

CVE-2018-5207

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string...

7.5 CVSS · 8.8 AI score · 0.00525 EPSS
Exploits 0

OSV
added 2011/01/10 8:0 p.m. · 7 views

CVE-2010-4534

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated users to obtain sensitive information via a series...

5.5 AI score
Exploits 0 · References 19

securityvulns
added 2002/03/21 12:0 a.m. · 31 views

Default SNMP configuration issue with Foundry Networks EdgeIron 4802F

28-02-02 -- [email protected] "The EdgeIron family of Layer 2 switches is designed to provide wire-speed performance, superior port density, and complete standard Layer 2 feature sets at an aggressive price for Enterprise users." Problem: -------- Foundry Networks EdgeIron 4802F Fast...

0.6 AI score
Exploits 0