17 matches found
ALPINE-CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
EUVD-2026-38184
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
PT-2026-51243
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An integer overflow occurs in the doProlog function, specifically related to storeEntityValue and the entity textLen variable. An integer overflow is a condition where an arithmetic operation attemp...
CLSA-2026-1774017701 postgresql: Fix of CVE-2026-2006
CVE-2026-2006: fix missing validation of multibyte character length in text manipulation; add proper length checks and bounds validation; prevent crafted queries from triggering buffer overrun and enabling arbitrary code execution...
FreeBSD : PostgreSQL -- Multiple vulnerabilities (e3afc190-0821-11f1-a857-6cc21735f730)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e3afc190-0821-11f1-a857-6cc21735f730 advisory. The PostgreSQL project reports: Improper validation of type oidvector in PostgreSQL allows a...
TOTOLINK NR1800X 安全漏洞
TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK. The TOTOLINK NR1800X suffers from a buffer overflow vulnerability that stems from the text parameter in the setSmsCfg function failing to correctly validate the length size of the input data,...
CLSA-2025-1738170565 vim: Fix of 5 CVEs
CVE-2023-2610: limit the text length to MAXCOL - CVE-2023-4735: don't overflow buf2, check size in for loop - CVE-2023-4750: check buffer is valid before accessing it - CVE-2023-4752: validate buffer before accessing it - CVE-2023-4781: disallow exchanging windows when textlock is active - Drop...
CVE-2023-43824
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code...
CVE-2023-43815
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution...
PT-2023-9330
Name of the Vulnerable Software and Affected Versions Pillow versions prior to 10.0.0 Description The issue is related to a Denial of Service in Pillow, where the truetype function in ImageFont uncontrollably allocates memory when processing a long text argument in an ImageDraw instance. This can...
CLSA-2023-1685377940 vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
CLSA-2023-1685377319 vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
Denial Of Service (DoS)
vim:sid is vulnerable to denial of service. A buffer over-read in GitHub repository is caused due to lack proper computation of text length...
libvncserver security update
0.9.9-12 - Fix CVE-2018-7225 improper client cut text length sanitization bug 1548440...