CVE-2025-4432

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 232 packets sent or received...

CVE-2025-4432 Ring: some aes functions may panic when overflow checking is enabled in ring

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 232 packets sent or received...

CVE-2025-4432 Ring: some aes functions may panic when overflow checking is enabled in ring

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 232 packets sent or received...

CVE-2025-4432

CVE-2025-4432 affects Rust’s Ring crate. A panic can be triggered when overflow checking is enabled; in QUIC, a specially crafted packet can induce this panic, likely ~1 in 2^32 packets. CVSS v3.1 base score 5.3 (Network, Low attack complexity, No privileges, No user interaction; Availability imp...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient privilege checking, which could lead to a security risk...

scanner has a Public API without sufficient bounds checking

Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...

GHSA-79M9-55JC-P6MW scanner has a Public API without sufficient bounds checking

Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...

PT-2025-19849 · Qualcomm · Snapdragon +13

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption caused by improper bounds checking during command handling in a camera kernel driver. This can lead to unspecified consequences. Recommendations: At...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from improper command processing boundary checking in the camera-kernel driver, which could lead to memory corruption...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of privilege checking and could lead to the disclosure of local information...

The vulnerability of the Packet Forwarding Engine (PFE) module in Junos OS routers of the MX series allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Junos OS routers of the MX series is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending specially crafted GRE packets...

CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2022-49858

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitted SQE at the same...

CVE-2022-49766

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...

CVE-2022-49858

The CVE-2022-49858 issue affects the Linux kernel in the octeontx2-pf driver. The vulnerability arose from an incorrect SQE (submission queue entry) availability check: the current method used HW-updated SQB count, which could allow submitting an SQE before the previously transmitted CQE was proc...

CVE-2022-49858

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix SQE threshold checking Current way of checking available SQE count which is based on HW updated SQB count could result in driver submitting an SQE even before CQE for the previously transmitted SQE at the same...

CVE-2022-49782 perf: Improve missing SIGTRAP checking

In the Linux kernel, the following vulnerability has been resolved: perf: Improve missing SIGTRAP checking To catch missing SIGTRAP we employ a WARN in perfeventoverflow, which fires if pendingsigtrap was already set: returning to user space without consuming pendingsigtrap, and then having the...