EUVD-2026-38043

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

CVE-2026-53705 Gstreamer1-plugins-good: gstreamer: heap buffer overflow in wavpack decoder via integer overflow

A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...

PT-2026-49341

Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description A flaw exists in the WavPack audio decoder within gst-plugins-good. An integer overflow occurs during the buffer size calculation 4 block samples channels inside the gst wavpack dec handle...

EUVD-2026-36151

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

CVE-2026-42915

Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...

OpenVPN ovpn-dco-win 安全漏洞

OpenVPN ovpn-dco-win is a virtual network adapter for Windows developed by OpenVPN. There are security vulnerabilities in versions 2.0.0 to 2.8.3 of OpenVPN ovpn-dco-win. These vulnerabilities stem from errors in buffer size calculations by the epoch key generator, which may allow remotely...

FlashMQ 安全漏洞

FlashMQ is a fast and lightweight MQTT proxy server developed by Wiebe Cazemier. Versions of FlashMQ prior to 1.26.2 contained a security vulnerability. This vulnerability stemmed from the ability of authorized clients to submit excessive requests beyond the allowed buffer size, triggering an...

CVE-2026-42915

Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally...

CVE-2026-42915

CVE-2026-42915 affects Windows TCP/IP. The issue arises from an incorrect calculation of a buffer size in the TCP/IP stack, enabling an authenticated attacker on an adjacent network to cause a denial of service. In the supplied documents, the description clearly states the root cause and the impa...

EUVD-2026-35727

Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network...

CVE-2026-11792

A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...

Microsoft Windows VMSwitch Denial of Service Vulnerability

Incorrect calculation of buffer size in Windows VMSwitch allows an authorized attacker to deny service locally...

CVE-2026-9698 DBI versions before 1.648 for Perl saved errors in a limited-sized buffer

DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer without a length limit. Attackers that can influence the error text in an application can trigger a...

PT-2026-47894

Name of the Vulnerable Software and Affected Versions Windows TCP/IP affected versions not specified Description An incorrect calculation of buffer size in the TCP/IP stack allows an authorized attacker to cause a denial-of-service condition over an adjacent network. Recommendations At the moment...

EulerOS Virtualization 2.12.1 : expat (EulerOS-SA-2026-2073)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515 In libexpat...

CVE-2025-47406

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

CVE-2025-59613

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

CVE-2025-59614

Memory Corruption when sending random number generator command with insufficient output buffer size...

CVE-2026-47333

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data...

ROS-20260605-73-0084

The vulnerability in Firefox is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow a remote attacker to cause a service failure...