43 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed a potential buffer overflow in nfssysfslinkrpcclient. The name field is defined as char64, and the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to a potential buffer overflow...
BIT-PHP-2025-14179 SQL injection in pdo_firebird via NUL bytes in quoted strings
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...
CVE-2022-37235
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.13410.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncat...
kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
EUVD-2002-1353
Malware in sbrugna...
CVE-2024-54456
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
DEBIAN-CVE-2024-54456
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
UBUNTU-CVE-2024-54456
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
CVE-2024-54456 NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
CVE-2024-54456
CVE-2024-54456 : Linux kernel NFS path vulnerability in nfs_sysfs_link_rpc_client() leading to potential buffer overflow due to strcat on cl_program->name; fix replaces with strscpy() and strncat() (kernel-side patch). Affected: Linux kernel NFS subsystem; root cause: unbounded name field size...
CVE-2024-54456 NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix potential buffer overflowin nfssysfslinkrpcclient name is char64 where the size of clnt-clprogram-name remains unknown. Invoking strcat directly will also lead to potential buffer overflow. Change them to strscpy and...
OSV-2025-145 Heap-buffer-overflow in ___interceptor_strncat
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=397731139 Crash type: Heap-buffer-overflow READ 1 Crash state: interceptorstrncat processndpicollectedinfo nodecleanupwalker...
PT-2025-7664 · Git +1 · Ndpi
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the interceptor strncat function, process ndpi collected info, and node cleanup...
PT-2025-8819
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential buffer overflow issue has been identified in the Linux kernel, specifically in the nfs sysfs link rpc client function. The issue arises from the use of strcat with a char arr...
kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c
A flaw was found in the Linux Kernel. An improper buffer size is provided to the strncat function, which may result in an out-of-bounds write, leading to memory corruption or a denial of service...
kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c
A flaw was found in the Linux Kernel. An improper buffer size is provided to the strncat function, which may result in an out-of-bounds write, leading to memory corruption or a denial of service...
kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c
A flaw was found in the Linux Kernel. An improper buffer size is provided to the strncat function, which may result in an out-of-bounds write, leading to memory corruption or a denial of service...
CVE-2023-52159
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service grossd daemon crash or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry...
CVE-2023-52159
A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service grossd daemon crash or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry...