12 matches found
CLSA-2026-1774017701 postgresql: Fix of CVE-2026-2006
CVE-2026-2006: fix missing validation of multibyte character length in text manipulation; add proper length checks and bounds validation; prevent crafted queries from triggering buffer overrun and enabling arbitrary code execution...
FreeBSD : PostgreSQL -- Multiple vulnerabilities (e3afc190-0821-11f1-a857-6cc21735f730)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e3afc190-0821-11f1-a857-6cc21735f730 advisory. The PostgreSQL project reports: Improper validation of type oidvector in PostgreSQL allows a...
TOTOLINK NR1800X Security Vulnerability
TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's Gion Electronics TOTOLINK. The TOTOLINK NR1800X suffers from a buffer overflow vulnerability that stems from the text parameter in the setSmsCfg function failing to correctly validate the length of the input data,...
CLSA-2025-1738170565 vim: Fix of 5 CVEs
CVE-2023-2610: limit the text length to MAXCOL - CVE-2023-4735: don't overflow buf2, check size in for loop - CVE-2023-4750: check buffer is valid before accessing it - CVE-2023-4752: validate buffer before accessing it - CVE-2023-4781: disallow exchanging windows when textlock is active - Drop...
CVE-2023-43824
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code...
CVE-2023-43815
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution...
PT-2023-9330 · Pillow +9
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 10.0.0 Description: The issue is related to a Denial of Service in Pillow, where the truetype function in ImageFont uncontrollably allocates memory when processing a long text argument in an ImageDraw instance. This c...
CLSA-2023-1685377940 vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
CLSA-2023-1685377319 vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
vim: Fix of CVE-2023-2610
CVE-2023-2610: limit the text length to MAXCOL...
Denial Of Service (DoS)
vim:sid is vulnerable to denial of service. A buffer over-read in GitHub repository is caused by a lack of proper computation of text length...
libvncserver security update
0.9.9-12 - Fix CVE-2018-7225 improper client cut text length sanitization bug 1548440...