15 matches found
EUVD-2021-13397
Malware in sbrugna...
CVE-2025-46687
quickjs-ng through 0.9.0 has a missing length check in JSReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected...
CVE-2021-26603
A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability is due to missing support for string length check...
UBUNTU-CVE-2024-39487
In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() In function bond_option_arp_ip_targets_set(), if newval->string is an empty string, newval->string+1 will point to the byte after the string, causing an out-of-bound read. BUG:...
Moderate: c-ares security, bug fix, and enhancement update
The c-ares C library defines asynchronous DNS (Domain Name System) requests and provides name resolving API. The following packages have been upgraded to a later upstream version: c-ares 1.19.1. BZ2210370 Security Fixes: c-ares: buffer overflow in config_sortlist() due to missing string length check...
CLSA-2022-1658172267 Fix CVE(s): CVE-2022-2206, CVE-2022-2257, CVE-2022-2286, CVE-2022-2285, CVE-2022-2284, CVE-2022-2287, CVE-2022-2264
SECURITY UPDATE: Out-of-bound read in function msg_outtrans_attr - debian/patches/CVE-2022-2206.patch: Adjust cmdline_row and msg_row to the value of Rows. - CVE-2022-2206 SECURITY UPDATE: Heap-based buffer overflow in function utf_ptr2len - debian/patches/CVE-2022-2284.patch: Stop Visual mode when...
Heap overflow
A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability is due to missing support for string length check...
CVE-2021-26603 bandisoft ARK library heap overflow vulnerability
A heap overflow issue was found in ARK library of bandisoft Co., Ltd when the Ark_DigPathA function parsed a file path. This vulnerability is due to missing support for string length check...
CVE-2021-26603
CVE-2021-26603 describes a heap overflow in Bandisoft’s ARK library caused by Ark_DigPathA parsing a file path without proper string length checks. The issue affects the ARK library and is documented with multiple sources (NVD, Red Hat, CVE lists). The vulnerability is described as a heap overflo...
Khan Academy: Client Side string length check
A client-side string length check vulnerability allowed an attacker to save excessively long strings in the "Class Settings" page on khanacademy.org, potentially causing various issues such as content manipulation, page template breaking, and crashing for low-memory visitors...
Heap overflow
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file...
CVE-2017-8312
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file...
Internet Bug Bounty: iconv() function missing string length check
https://bugs.php.net/bug.php?id=73368...
SUSE-SU-2015:0400-1 Security update for xorg-x11-server
xorg-x11-server was updated to fix one security issue. This security issue was fixed: - CVE-2015-0255: Check string lengths in XkbSetGeometry request bnc915810...
KLA10153 DoS vulnerability in FAR manager
Lack of string length check was found in FAR manager. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited locally via a specially designed path. Original advisories vulnerability Related products FAR-Manager CVE list CVE-2003-1445...