CVE-2026-23749

Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to improper null termination of a blockwise transfer path. blockwisetransferinit accepts a path whose length equals CONFIGGOLIOTHCOAPMAXPATHLEN and copies it using strncpy without...

CVE-2019-11365

An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this...

The vulnerability of the process.c file in the user authentication system xauth, related to insufficient input validation, allows a perpetrator to compromise data integrity and cause service failures.

The vulnerability in the process.c file of the xauth user authentication software is related to insufficient validation of input data when using strncpy in the doadd function. Exploiting this vulnerability allows an attacker to compromise data integrity and cause service failures...

DEBIAN-CVE-2020-25412

comline in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy that may lead to arbitrary code execution...

Progress Database vulnerabilities

strcpy and pstcopy dbutpstcopy are BAD!@@!$! you need to make use of strncpy or invent pstncopy This is straight from the unix man pages for strcpy NAME strcpy, strncpy - copy a string SYNOPSIS include string.h char strcpychar dest, const char src; BUGS If the destination string of a strcpy is no...