SUSE CVE-2026-46072

In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...

CVE-2026-46072 ntfs3: add buffer boundary checks to run_unpack()

In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...

CVE-2026-46072

CVE-2026-46072 affects the Linux kernel ntfs3 code path. The vulnerability arises in run_unpack(), where a loop checks run_buf

CVE-2026-46072

ntfs3: add buffer boundary checks to rununpack...

ROS-20260520-73-0032

A vulnerability in the CSS component of the Google Chrome browser is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

ROS-20260520-73-0002

A vulnerability in the Skia graphics library of the Google Chrome and Microsoft Edge browsers is related to writing outside of buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected...

ROS-20260520-73-0034

A vulnerability in the WebGL component of the Google Chrome browser is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

CVE-2026-3298

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

BACnet Stack 缓冲区错误漏洞

BACnet Stack is an open-source protocol stack for BACnet, designed to work on embedded systems, Linux, MacOS, BSD, and Windows. Versions prior to BACnet Stack 1.4.3 contained a buffer error vulnerability. This vulnerability stems from a boundary-crossing read issue in the ReadPropertyMultiple...

BIT-PYTHON-MIN-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

PSF-2026-20

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

CVE-2026-3298

CVE-2026-3298 describes an out-of-bounds write in Windows-only asyncio.ProacterEventLoop.sock_recvfrom_into() when using the nbytes parameter. The root cause is a missing boundary check for the destination data buffer, enabling a write past the buffer size if incoming data exceeds it. Non-Windows...

ROS-20260410-73-0010

Vulnerability in libssh related to initial buffer boundary violation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260406-73-0001

A vulnerability in the ngxmailsmtp response header handler of NGINX Plus and NGINX Open Source web servers is related to a violation of the initial buffer boundary. Exploitation of the vulnerability could allow an attacker acting remotely to gain read access to the data...

ROS-20260403-73-0026

A vulnerability in the fbdev component of the Linux operating system kernel is related to writing outside of buffer boundaries. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...

TP-Link Tapo C520WS 安全漏洞

The TP-Link Tapo C520WS is a WiFi camera produced by TP-Link Corporation. The TP-Link Tapo C520WS v2.6 version contains a security vulnerability. This vulnerability arises from insufficient buffer boundary alignment and validation during the asynchronous parsing of local video stream content, whi...

ROS-20260401-73-0037

Vulnerability in vlc related to reading outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

EVerest 缓冲区错误漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contained a buffer error vulnerability. This vulnerability stems from the function ISO15118chargerImpl::handlesessionsetup, which copies a variable-length list into ...

Advisory ROSA-SA-2026-3241

software: openssl 1.1.1w OS: ROSA-CHROME unaffected versions = openssl-1.1.1.1w-5 affected versions openssl-1.1.1.1w-5 CVE-ID: CVE-2025-68160 BDU-ID: 2026-01216 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the BIOflinebuffer function of the OpenSSL library is related to an operation exceeding...

ROS-20260317-73-0029

A vulnerability in the drivers/usb/gadget/configfs.c module of the Linux kernel is related to a violation of the initial buffer boundary. Exploitation of the vulnerability could allow an attacker to cause a denial of service...