Lucene search

23 matches found

EUVD
added 4 days ago | 9 views

EUVD-2026-33528

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

CVSS 9 | AI score 7.7 | EPSS 0.00084
Exploits 0 | References 6
ATTACKERKB
added 2026/04/17 6:52 p.m. | 0 views

CVE-2026-34232

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the iscargcstring type when decoding an opresponse packet, causing a server crash when one is encountered in the status vector. An...

CVSS 7.5 | AI score 5.7 | EPSS 0.00165
Exploits 1 | References 5 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2007-2318

Malware in sbrugna...

CVSS 10 | AI score 6.4 | EPSS 0.05993
Exploits 0 | References 5
Positive Technologies
added 2024/12/04 12:0 a.m. | 2 views

PT-2024-17476 · Unknown · Code-Projects Hotel Management System

Name of the Vulnerable Software and Affected Versions: code-projects Hotel Management System version 1.0. Description: A problem has been found in the code-projects Hotel Management System, affecting unknown code of the Administrator Login Password Handler component. The manipulation of the Str2...

CVSS 7.8 | AI score 7.3 | EPSS 0.0009
Exploits 1 | References 9
RedHat Linux
added 2024/02/20 12:40 p.m. | 2 views

zstd: mysql: buffer overrun in util.c

A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun...

CVSS 7.5 | AI score 7.5 | EPSS 0.00255
Exploits 0 | References 4
Snyk
added 2023/04/02 1:7 p.m. | 1 views

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun. Remediation: Upgrade zstd to version 1.5.4 or higher. References: GitHub Issue, GitHub PR. Credit: yiyuaner...

CVSS 7.5 | AI score 7.3 | EPSS 0.00255
Exploits 0 | References 2
Microsoft CVE
added 2023/04/01 7:0 a.m. | 2 views

A vulnerability was found in zstd v1.4.10 where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.

...

CVSS 7.5 | AI score 6.9 | EPSS 0.00255
Exploits 0
Vulnrichment
added 2023/03/31 12:0 a.m. | 2 views

CVE-2022-4899

A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun...

AI score 7.6 | EPSS 0.00255
Exploits 0 | References 5
RedHat Linux
added 2023/01/23 3:29 p.m. | 3 views

sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API

An array-bounds overflow vulnerability was discovered in SQLite. The vulnerability occurs when handling an overly large input passed as a string argument to some of the C-language APIs provided by SQLite. This flaw allows a remote attacker to pass specially crafted large input to the application...

CVSS 7.5 | AI score 7.3 | EPSS 0.54845
Exploits 2 | References 6
UbuntuCve
added 2022/08/03 6:15 a.m. | 38 views

CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

CVSS 7.5 | AI score 7 | EPSS 0.54845
Exploits 2 | References 5
CNNVD
added 2021/05/18 12:0 a.m. | 1 views

X.Org libX11 input validation error vulnerability

X.Org libX11 is an X11 (X Window System) client library from the X.Org Foundation. An input validation error vulnerability exists in libX11 that stems from the lack of proper validation of XLookupColor and other X library functions with respect to the length of their string arguments...

CVSS 9.8 | AI score 7.4 | EPSS 0.05481
Exploits 2 | References 56
OSV
added 2017/01/06 12:0 a.m. | 0 views

UBUNTU-CVE-2016-2337

Type confusion exists in canceleval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution...

CVSS 9.8 | AI score 7.5 | EPSS 0.00805
Exploits 2 | References 4
ATTACKERKB
added 2011/04/21 10:55 a.m. | 0 views

CVE-2009-5072

Memory leak in the ldapexplodedn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument...

CVSS 4 | AI score 5.6 | EPSS 0.00358
Exploits 0 | References 3
Prion
added 2009/12/21 4:30 p.m. | 14 views

Buffer overflow

Multiple buffer overflows in qoslist in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via a long string argument. NOTE: some of these details are obtained from third party information...

CVSS 7.2 | AI score 7.3 | EPSS 0.00047
Exploits 1 | References 5 | Affected Software 1
Prion
added 2009/11/19 12:30 a.m. | 12 views

Buffer overflow

Multiple buffer overflows in a certain ActiveX control in ActiveDom.ocx in HP OpenView Network Node Manager (OV NNM) 7.53 might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via a long string argument to the (1) DisplayName, (2) AddGroup, (3)...

CVSS 5 | AI score 7.8 | EPSS 0.02358
Exploits 1 | References 3 | Affected Software 1
Prion
added 2009/07/22 6:30 p.m. | 18 views

Sql injection

Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption, and application hang) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479...

CVSS 5 | AI score 6.6 | EPSS 0.11193
Exploits 2 | References 2 | Affected Software 1
RubySec
added 2009/06/10 12:0 a.m. | 25 views

CVE-2009-1904 ruby: DoS vulnerability in BigDecimal

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type...

CVSS 5 | AI score 6 | EPSS 0.02559
Exploits 2 | References 1 | Affected Software 1
Prion
added 2009/05/18 6:30 p.m. | 19 views

Buffer overflow

Multiple buffer overflows in the Deployment Toolkit ActiveX control in deploytk.dll 6.0.130.3 in Sun Java SE Runtime Environment (aka JRE) 6 Update 13 allow remote attackers to execute arbitrary code via a long string argument to the (1) setInstallerType, (2) setAdditionalPackages, (3) compareVersion, (4)...

CVSS 9.3 | AI score 8.3 | EPSS 0.06024
Exploits 1 | References 3 | Affected Software 1
Saint
added 2008/11/10 12:0 a.m. | 31 views

Adobe Acrobat util.printf JavaScript function buffer overflow

Added: 11/10/2008. CVE: CVE-2008-2992. BID: 30035. OSVDB: 49520. Background: Adobe Acrobat is software for creating PDF documents. Problem: A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...

CVSS 9.3 | AI score 8.1 | EPSS 0.93738
Exploits 19
Prion
added 2007/10/24 11:46 p.m. | 12 views

Stack overflow

Stack-based buffer overflow in the DebugPrint function in MultiXTpm Application Server before 4.0.2d allows remote attackers to execute arbitrary code via a long string argument...

CVSS 7.5 | AI score 8.7 | EPSS 0.03029
Exploits 0 | References 4 | Affected Software 1