CVE-2026-30872

OpenWrt OpenWrt mdns vulnerability CVE-2026-30872 affects versions prior to 24.10.6 and 25.12.1. The issue lies in the mdns daemon’s match_ipv6_addresses function, where a domain name copied into a 256-byte stack buffer via strcpy is followed by extracting a reverse IPv6 PTR query into a 46-byte ...

CVE-2026-25749

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...

CVE-2026-25749 Heap Overflow in Vim

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...

CVE-2012-10043

ActFax Server 4.32 is affected by a stack-based buffer overflow in the Import Users from File function. The root cause is improper validation of the length of tab-delimited fields in .exp files, causing unsafe usage of strcpy() during CSV parsing. An attacker can compromise the system by crafting...

PT-2024-10258 · Linksys · Linksys E8450

Name of the Vulnerable Software and Affected Versions: Linksys E8450 version 1.2.00.360516 Description: A buffer overflow issue was discovered, where the lan ipaddr field is copied to the stack without length verification. This could allow a remote attacker to cause a denial of service. The...

UBUNTU-CVE-2024-28219

In imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy...

The vulnerability of the lou_setDataPath function in the opileTranslationTable.c file of the Liblouis translator, which allows a hacker to trigger a service failure.

The vulnerability of the lousetDataPath function in ompileTranslationTable.c in the Liblouis translator is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the my_parse_cookie function in the web server of the MOXA EDR-810 industrial router allows a hacker to execute arbitrary code.

The vulnerability of the myparsecookie function offset 0x1B014 on the web server jffs2-root\fs1\magicP\WebServer\webs of the MOXA EDR-810 industrial router arises due to the lack of checks on the size of the data being copied into a buffer of 0x40 bytes. Exploiting this vulnerability allows an...