Lucene search
K

166 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ext4: Fixed string copying in parseapplysbmountoptions. The strnlen function cannot be used to copy a non-NUL-terminated string into a NUL-terminated string of possibly larger size. Commit 0efc5990bca5 “string.h: Introduce memtos...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

OpenSSL 缓冲区错误漏洞

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

8.1CVSS5.9AI score0.00358EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 9:15 p.m.10 views

CVE-2026-10293 UTT HiPER 1200GW formFireWall strcpy stack-based overflow

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the argument Profile causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be...

9CVSS7.6AI score0.00472EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 1:30 a.m.30 views

CVE-2026-9632

CVE-2026-9632 affects UTT HiPER 1250GW (up to version 3.2.7-210907-180535). The vulnerability resides in the Web Management Interface, specifically the strcpy call in /goform/formGroupConfig, where manipulating the Profile argument can cause a stack-based buffer overflow. This flaw enables a remo...

9CVSS7.7AI score0.00463EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/27 12:0 a.m.45 views

CVE-2026-38426

Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv10scripter.ino, fetchjpg, jpgtask.boundary40, strcpy function...

0.00614EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/05/06 8:21 p.m.13 views

CVE-2026-34462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.8CVSS6.2AI score0.00174EPSS
Exploits1References1
OSV
OSV
added 2026/05/06 3:8 p.m.2 views

CVE-2026-6691 MongoDB C Driver Cyrus SASL Canonicalization Buffer Overflow

The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI...

8.6CVSS6.1AI score0.00126EPSS
Exploits0References3
NVD
NVD
added 2026/05/05 8:16 p.m.7 views

CVE-2026-34462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.8CVSS0.00174EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/05 7:30 p.m.26 views

CVE-2026-34462 Sandboxie-Plus ProcessServer boxname stack buffer overflows via unterminated wide string copy

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.3CVSS0.00174EPSS
Exploits1References1
CVE
CVE
added 2026/05/05 7:30 p.m.10 views

CVE-2026-34462

Sandboxie-Plus (Windows) versions ≤ 1.17.2 are affected by a stack-based overflow in ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler due to copying a WCHAR boxname[34] into a WCHAR[40] buffer with wcscpy without verifying termination. The service pipe allows conn...

7.8CVSS6.2AI score0.00174EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/05/05 7:30 p.m.7 views

EUVD-2026-27462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.3CVSS6.2AI score0.00174EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/05 7:30 p.m.7 views

CVE-2026-34462 Sandboxie-Plus ProcessServer boxname stack buffer overflows via unterminated wide string copy

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.3CVSS6.2AI score0.00174EPSS
Exploits1References1
OSV
OSV
added 2026/05/05 7:30 p.m.3 views

CVE-2026-34462 Sandboxie-Plus ProcessServer boxname stack buffer overflows via unterminated wide string copy

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.3CVSS6.3AI score0.00174EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/04 3:29 p.m.9 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the AddBinaryProperty function of the FBX Importer, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation. An attacker can achieve...

9.8CVSS6.4AI score0.0034EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/30 11:30 p.m.8 views

EUVD-2026-26464

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

9CVSS8.6AI score0.00472EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/29 10:30 p.m.26 views

CVE-2026-7420 UTT HiPER 1250GW ConfigAdvideo strcpy buffer overflow

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

9CVSS0.00463EPSS
Exploits0References4
CVE
CVE
added 2026/04/29 10:15 p.m.8 views

CVE-2026-7419

The CVE-2026-7419 entry describes a vulnerability in UTT HiPER 1250GW up to version 3.2.7-210907-180535 where the strcpy usage in route/goform/formTaskEdit_ap allows manipulation of the Profile argument to cause a buffer overflow. Remote exploitation is possible, and the exploit is publicly avail...

9CVSS8.5AI score0.00544EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/29 10:0 p.m.34 views

CVE-2026-7418 UTT HiPER 1250GW NTP strcpy buffer overflow

A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...

9CVSS0.00563EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013596)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013596 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy BUG: KASAN: stack-out-of-bounds in...

5.8AI score0.00206EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.14 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011243)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011243 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy BUG: KASAN: stack-out-of-bounds in...

5.8AI score0.00206EPSS
Exploits0References4
Rows per page
Query Builder