USN-8309-1: libssh2 vulnerability

It was discovered that libssh2 incorrectly handled username and password length values during SSH password authentication. A remote attacker could possibly use this issue to cause a denial of service...

USN-8309-1 libssh2 vulnerability

It was discovered that libssh2 incorrectly handled username and password length values during SSH password authentication. A remote attacker could possibly use this issue to cause a denial of service...

libssh2: Fix of CVE-2026-7598

CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the userauthpassword function in userauth.c. An attacker can cause memory corruption or potentially execute arbitrary code by sending specially crafted values for usernamelen or passwordlen remotely...

CVE-2026-7598

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

CVE-2026-7598

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

CVE-2026-7598

CVE-2026-7598 affects libssh2 up to 1.11.1. The vulnerable component is the function userauth_password in src/userauth.c, where manipulation of username_len/password_len can trigger an integer overflow. The issue could allow a remote attacker to exploit the overflow, impacting confidentiality/ in...

libssh2 数字错误漏洞

libssh2 is The libssh2 project open source a client C library that implements the SSH2 protocol , it can execute remote commands , file transfers , as well as for remote programs to provide a secure transmission channel . libssh2 1.11.1 and earlier versions of the number error vulnerability , the...

CVE-2019-25544

Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat,...

PT-2026-6832

Name of the Vulnerable Software and Affected Versions AbsoluteTelnet version 11.12 Description The software contains a denial of service issue in the SSH2 username input field. Local attackers can cause the application to crash by overwriting the username field with a 1000-byte buffer, leading to...

PT-2026-6834

Name of the Vulnerable Software and Affected Versions TapinRadio version 2.12.3 Description TapinRadio version 2.12.3 has a denial of service issue in the application proxy username configuration. Local attackers can cause the application to crash by overwriting the username field with 10,000 byt...

CIRCUTOR SGE-PLC1000和CIRCUTOR SGE-PLC50 安全漏洞

The CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 are both a network concentrator from CIRCUTOR Spain. A security vulnerability exists in the CIRCUTOR SGE-PLC1000 and CIRCUTOR SGE-PLC50 version v9.0.2, which stems from the AddEvent function not validating the length of the username input, which cou...

CVE-2025-65002

Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters...

CVE-2025-65002

The vulnerability CVE-2025-65002 affects Fujitsu Fsas Technologies iRMC S6 (M5) prior to version 1.37S. It stems from incorrect authorization (CWE-863) for the Remote Management Controller implemented in PRIMERGY, allowing a user with non-administrator privileges to access the Web UI or Redfish A...

Fujitsu iRMC 安全漏洞

Fujitsu iRMC is an integrated remote management controller from Fujitsu Japan. A security vulnerability exists in the Fujitsu iRMC that stems from improper handling of usernames up to 16 characters in length, which could lead to Redfish/WebUI access issues...

PT-2025-46684

Name of the Vulnerable Software and Affected Versions Fujitsu iRMC S6 on M5 versions prior to 1.37S Description The software mishandles Redfish/WebUI access when a username with a length of exactly 16 characters is used. The issue affects access through the Redfish API and the WebUI. The vulnerab...

EUVD-2019-7129

Malware in sbrugna...

EUVD-2022-5580

Malicious code in bioql PyPI...

EUVD-2024-48911

Malicious code in bioql PyPI...

Tenda FH1202 /goform/PPTPDClient File Buffer Overflow Vulnerability

The Tenda FH1202 is a wireless router from Tenda China. The Tenda FH1202 version 1.2.0.14408 suffers from a buffer overflow vulnerability, which originates from the failure of the function fromPptpUserAdd parameter Username to correctly validate the length of the input data in the file...