vulnerability-lab

🔐 Vulnerability Lab Buffer Overflow + SQLi ⚠️ FOR EDUCATI...

CVE-2025-70067

Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation...

CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...

CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-27821 GPAC NHML Demuxer (dmx_nhml.c) Vulnerable to Stack Buffer Overflow

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

CVE-2026-25749

A flaw was found in Vim, an open source, command line text editor. This heap buffer overflow vulnerability exists in the tag file resolution logic when processing the 'helpfile' option. A local user could exploit this by providing a specially crafted 'helpfile' option value, leading to a heap...

AZL-77411 CVE-2026-25749 affecting package vim for versions less than 9.2.0088-1

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...

ALPINE-CVE-2026-25749

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...

UBUNTU-CVE-2026-25749

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...

CVE-2026-25749

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...

UTT 512W 安全漏洞

The UTT 512W is a wireless router from China Aitai UTT. A security vulnerability exists in the UTT 512W version 1.7.7-171114, which originates from an incorrect operation of the function strcpy in the file /goform/formFtpServerShareDirSelcet, which could result in a buffer overflow...

curl: Stack Buffer Overflow in cURL wolfSSL Backend (lib/vtls/wolfssl.c)

Summary: A stack-based buffer overflow exists in the wsslstrerror function of cURL's wolfSSL TLS backend. The function uses an unsafe strcpy call, relying solely on a DEBUGASSERT macro for boundary checking. This macro is disabled in production release builds -DNDEBUG, allowing memory corruption...

CVE-2025-60695

A stack-based buffer overflow vulnerability exists in the mtkdut binary of Linksys E7350 routers Firmware 1.1.00.032. The function sub4045A8 reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and then copies it into caller-provided buffer a1 using strcpy without boundary...

curl: Unsafe use of strcpy in Curl_ldap_err2string (packages/OS400/os400sys.c) — stack-buffer-overflow (PoC + ASan)

I've provided the detailed description and clear steps previously, but it seems you need the content tailored directly for the submission form's fields. I will present the complete, professional, and detailed response suitable for reporting a memory corruption vulnerability to a vendor or bug...

Buffer Overflow

libcsp.so is vulnerable to Buffer Overflow. The vulnerability is due to improper handling of the ifname parameter in the cspethinit function, where strcpy is used without validating input length, which allows an attacker to overflow the buffer and potentially execute arbitrary code...

curl: Buffer Overflow in WebSocket Handshake (lib/ws.c:1287)

Summary: Buffer overflow vulnerability in curl's WebSocket implementation due to unsafe use of strcpy in the handshake process. The vulnerability is located at lib/ws.c:1287 where strcpykeyval, randstr is called without proper bounds checking, despite having a bounds check earlier in the code. AI...

EUVD-2011-5256

Malware in sbrugna...

Unity Linux 20.1070e Security Update: iptraf-ng (UTSA-2025-634479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-634479 advisory. iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to...

EUVD-2025-23201

Malicious code in bioql PyPI...

CodeChecker has a buffer overflow in the log command

Summary CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command. Details Unsafe usage of strcpy function in the internal ldlogger library allows attackers to trigger a buffer overflow by supplying...