12 matches found
CVE-2026-25790
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...
CVE-2026-25790
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...
CVE-2026-25790
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...
CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...
CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser
Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...
CVE-2025-70252
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...
CVE-2025-70252
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...
CVE-2025-70085
An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames Source1Filename and the string returned by FileUtilFileStateStr into this buffer without any length checking and without using bounded format specifiers...
CVE-2026-22189
The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a...
CVE-2026-22189 Panda3D <= 1.10.16 egg-mkfont Stack Buffer Overflow
The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a...
CVE-2026-22189 Panda3D <= 1.10.16 egg-mkfont Stack Buffer Overflow
The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a...
PT-2026-2163
Name of the Vulnerable Software and Affected Versions Panda3D versions up to and including 1.10.16 Description The software contains a stack-based buffer overflow issue because of the use of an unbounded sprintf call with input controlled by an attacker. When creating glyph filenames, the softwar...