Tag
high
advisory
Stack Buffer Overflow in Oj Ruby Gem (CVE-2026-54502)
3 rules, 4 TTPs
The `Oj.dump` function in the `Oj` Ruby gem is vulnerable to a stack-based buffer overflow (CVE-2026-54502) due to improper validation of the `:indent` parameter. An attacker who provides an excessively large integer value can trigger a process crash or potentially remote code execution. All `Oj` gem versions prior to `3.17.2` are affected.
oj gem
overflow
ruby
gem
denial-of-service
remote-code-execution
application-vulnerability
medium
threat
CVE-2026-31704 ksmbd u16 DACL Size Overflow Vulnerability
2 rules, 2 TTPs, 1 CVE
CVE-2026-31704 is a vulnerability in ksmbd related to the use of `check_add_overflow()` to prevent a u16 DACL size overflow, potentially leading to denial of service or privilege escalation.
ksmbd
dacl
overflow
denial of service
privilege escalation
high
advisory
CVE-2026-43894 jq: Wild stack write via signed-integer overflow in decNumber D2U() macro
2 rules, 1 CVE
CVE-2026-43894 is a vulnerability related to jq involving a wild stack write via signed-integer overflow in the decNumber `D2U()` macro.
jq
cve
overflow
stack write