30 matches found
CVE-2026-27940
A flaw was found in llama.cpp. An integer overflow can occur in the gguf_init_from_file_impl function in the gguf.cpp file, leading to an undersized heap allocation. A subsequent fread function call can write 528+ bytes of attacker-controlled data past the buffer boundary. This issue is a bypass of...
SUSE CVE-2026-27940
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, gguf_init_from_file_impl in gguf.cpp is vulnerable to an integer overflow, leading to an undersized heap allocation. The subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...
CVE-2026-27940
creationtimestamp | type | source
---|---|---
2026-03-12 17:32:57+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mguwmdaalc2k
2026-03-29 14:00:03+00:00 | seen | https://t.me/GithubRedTeam/77815...
UBUNTU-CVE-2026-27940
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, gguf_init_from_file_impl in gguf.cpp is vulnerable to an integer overflow, leading to an undersized heap allocation. The subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...
CVE-2026-27940
Summary of CVE-2026-27940: The llama.cpp component has a vulnerability in gguf_init_from_file_impl() within gguf.cpp where an integer overflow leads to an undersized heap allocation. This enables a subsequent fread() to write 528+ bytes of attacker-controlled data past the buffer boundary, const...
CVE-2026-27940 llama.cpp has a Heap Buffer Overflow via Integer Overflow in `mem_size` Calculation — Bypass of CVE-2025-53630 Fix
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, gguf_init_from_file_impl in gguf.cpp is vulnerable to an integer overflow, leading to an undersized heap allocation. The subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...
CVE-2025-27940
Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...
CVE-2025-27940
creationtimestamp | type | source
---|---|---
2026-02-11 13:17:13+00:00 | published-proof-of-concept | https://t.me/truesecator/7898...
CVE-2020-27940
This issue was addressed with improved file handling. This issue is fixed in Apple TV app for Fire OS 6.1.0.6A142:7.1.0. An attacker with file system access may modify scripts used by the app...
Linux Distros Unpatched Vulnerability : CVE-2022-27940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. CVE-2022-27940 Note that Nessus relies on the presence of the...
CVE-2024-27940
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database...
CVE-2024-27940
CVE-2024-27940 affects Siemens/RUGGEDCOM CROSSBOW (versions prior to V5.5). Multiple sources confirm an SQL injection vulnerability that allows any authenticated user to send arbitrary SQL commands to the SQL server, potentially compromising the entire database. Publicly documented impact include...
CVE-2023-27940
The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6, macOS Ventura 13.4. A sandboxed app may be able to observe system-wide network connections...
CVE-2023-27940
CVE-2023-27940 affects Apple platforms (iOS 15.7.6 and iPadOS 15.7.6; macOS Monterey 12.6.6; macOS Ventura 13.4). The issue is due to insufficient permissions checks in a kernel component, allowing a sandboxed app to observe system-wide network connections. Apple’s bulletin states the vulnerabili...
macOS 12.x < 12.6.6 Multiple Vulnerabilities (HT213759)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.6. It is, therefore, affected by multiple vulnerabilities: - A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 15.7.6 a...
Security fix for the ALT Linux 9 package tcpreplay version 4.4.2-alt1
4.4.2-alt1 built Nov. 30, 2022 Anton Farygin in task 310755 Nov. 28, 2022 Anton Farygin - 4.4.2 Fixes: CVE-2022-28487, CVE-2022-27942, CVE-2022-27940, CVE-2022-37047, CVE-2022-37049, CVE-2022-27939, CVE-2022-25484, CVE-2022-27941...
Fedora: Security Advisory for tcpreplay (FEDORA-2022-47484afa15)
The remote host is missing an update for the...
Fedora: Security Advisory for tcpreplay (FEDORA-2022-680ea95f71)
The remote host is missing an update for the...
CVE-2022-37047
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940...