WhisperX tag archive

#Buffer Overflow

This page collects WhisperX intelligence signals tagged #Buffer Overflow. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.

Latest Signals (10)

The Lab · 2026-03-28 14:27:01 · GitHub Issues

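1. CVE-2016-20047: Local Buffer Overflow Vulnerability Found in EKG Gadu 1.9

A local buffer overflow vulnerability (CVE-2016-20047) in EKG Gadu version 1.9~pre+r2855-3+b1 has been disclosed. The vulnerability occurs in the handling of the username parameter and received a high severity rating of 8.6 under CVSS 4.0. The attack vector is local, attack complexity is low, and no privileges are required, which gives an attacker with physical access to the system a dangerous entry point. The vulnerability affects only a specific version of the EKG Gadu software. According to the official CVSS assessment, for the confidentiality, integrity, and availability of the vulnerable system alike, this vulnerability has a high...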

The Lab · 2026-03-28 14:27:03 · GitHub Issues

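2. TiEmu 2.08 Stack Buffer Overflow Vulnerability (CVE-2017-20225): Network Attack Can Lead to Complete System Takeover

An old vulnerability in the TiEmu emulator has drawn renewed attention with a critical CVSS score of 9.3. CVE-2017-20225 is a stack-based buffer overflow (CWE-787) in TiEmu version 2.08 caused by insufficient validation of user input, and it can be exploited remotely over the network. Attack complexity is low and no special privileges or user interaction are required, so the attack vector is very broad. As a result, the confidentiality, integrity, and availability of the system (VC:H, VI:H, VA:H) can all be threatened at a high level. The vulnerability affects only version 2.08 of ticalc's TiEmu emulator. With this vulnerability, an attacker...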

The Lab · 2026-03-29 21:27:03 · GitHub Issues

3. Crashmail 1.6 Critical RCE Flaw (CVE-2018-25223): Unpatched Stack Overflow Threatens Systems

A critical, unpatched vulnerability in the Crashmail 1.6 software presents a direct path for remote attackers to seize control of affected systems. Designated CVE-2018-25223, this flaw carries a maximum severity CVSS score of 9.8, indicating a trivial attack vector with no required privileges that can lead to full syst...

The Lab · 2026-04-10 15:23:00 · GitHub Issues

4. Dependabot Alert #32: cryptography Library Buffer Overflow Vulnerability (CVE-2026-39892) Exposes Projects

A critical buffer overflow vulnerability, tracked as CVE-2026-39892, has been identified in the widely-used `cryptography` library, prompting urgent security patches. The flaw, which affects versions 45.0.0 through 46.0.7, can be triggered when non-contiguous buffers are passed to specific APIs, such as `Hash.update()`...

The Lab · 2026-04-14 18:23:03 · GitHub Issues

5. Microsoft .NET and Visual Studio Hit by High-Severity DoS Vulnerability (CVE-2026-32203)

Microsoft has disclosed a high-severity security flaw in a core .NET Framework component, exposing countless applications to potential denial-of-service attacks. The vulnerability, tracked as CVE-2026-32203, resides within the `System.Security.Cryptography.Xml` namespace, specifically in the `EncryptedXml` class. A sta...

The Lab · 2026-04-16 00:22:55 · GitHub Issues

6. XZ Utils Library Vulnerability CVE-2026-34743: Buffer Overflow Risk in lzma_index_decoder

A critical vulnerability, CVE-2026-34743, has been identified in the XZ Utils data-compression library, exposing systems to a potential buffer overflow. The flaw resides in the `lzma_index_decoder()` function. When this function is used to decode an Index containing zero Records, it leaves the resulting `lzma_index` in...

The Lab · 2026-05-06 12:31:40 · GitHub Issues

7. openEuler Kernel Patches High-Severity Buffer Overflow in Linux AF_ALG Crypto Interface, CVE-2026-31677 Flagged

The openEuler kernel project has merged a critical security fix addressing a buffer overflow vulnerability in the Linux kernel's AF_ALG cryptographic interface. The patch, committed on April 29, 2026, resolves CVE-2026-31677 and targets a flaw in how the receive scatter-gather (RX SG) list extraction was handled withou...

The Lab · 2026-05-10 02:32:04 · GitHub Issues

8. Python Cryptography Library Patches Two Security Flaws Including Buffer Overflow CVE-2026-39892

A critical security update for the widely-used Python cryptography library has addressed two vulnerabilities, including a buffer overflow issue that could allow attackers to exploit non-contiguous memory buffers. The update, which bumps the library from version 46.0.1 to 46.0.7, includes patches for CVE-2026-39892 and ...

The Lab · 2026-05-10 23:01:47 · GitHub Issues

9. Intercom Patches Buffer Overflow Vulnerability; Full Technical Details Withheld Pending PR Approval

A pull request addressing a buffer overflow vulnerability in Intercom has been submitted to the project's GitHub repository, with full technical details deliberately withheld until the fix is merged. The patch, referencing issue #14, flags a potential memory safety flaw that could be exploited under specific conditions...

The Lab · 2026-05-12 17:48:27 · GitHub Issues

10. Critical Remote Code Execution Vulnerability Found in VS Code Webview Protocol

A critical remote code execution vulnerability has been identified in Visual Studio Code versions 1.119.0 and earlier, affecting the internal protocol that webviews use to load VS Code-controlled root webview content. The flaw could enable untrusted scripts to execute within the webview environment, potentially exposin...