1715 matches found
kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation
A flaw was found in the Linux kernel's networking component. A local attacker with low privileges could exploit a design issue in the teql queueing discipline, which is responsible for managing network traffic. By sending specially crafted network packets, an attacker could trigger a use-after-fr...
CVE-2026-26271
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in freerdpimagecopyfromicondata libfreerdp/codec/color.c can be triggered by crafted RDP Window Icon TSICONINFO data. The bug is reachable over the network when a client processes icon data...
kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial of service
A flaw was found in the ALSA USB audio driver of the Linux kernel. This vulnerability, a buffer overflow, occurs when the size of the Pulse-Code Modulation PCM stream data packets exceeds the maximum allowed by the USB descriptor. A local attacker could exploit this by providing specially crafted...
CVE-2025-33236
NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
CVE-2025-33236
NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering...
Bosch Rexroth IndraWorks 安全漏洞
Bosch Rexroth IndraWorks is a general engineering framework software developed by the German company Bosch Rexroth. Bosch Rexroth IndraWorks has a security vulnerability that stems from deserialization issues when parsing specially crafted files containing malicious serialized data, which may lea...
CVE-2025-67433
A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...
CVE-2025-67433
A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...
PT-2026-7890
Name of the Vulnerable Software and Affected Versions Open TFTP Server MultiThreaded version 1.7 Description A heap buffer overflow exists in the processRequest function of Open TFTP Server MultiThreaded. This issue can be triggered by sending a crafted DATA packet, potentially leading to a Denia...
CVE-2025-67433
A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service DoS via a crafted DATA packet...
CVE-2025-67433
CVE-2025-67433 affects Open TFTP Server MultiThreaded v1.7. A heap buffer overflow in the processRequest() function can be triggered by crafted DATA packets, leading to Denial of Service. No remediation details are provided in the connected documents.
EUVD-2025-206666
Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATAFRAG receive path. An un authenticated sender can transmit a single malformed RTPS...
CLSA-2026-1770136337 Fix CVE(s): CVE-2026-22796
SECURITY UPDATE: DoS by providing specially crafted PKCS7 data for signature verification - debian/patches/CVE-2026-22796.patch: ensure ASN1 types are checked before use - CVE-2026-22796...
EulerOS 2.0 SP13 : haproxy (EulerOS-SA-2026-1211)
According to the versions of the haproxy package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON...
CVE-2026-22796
A flaw was found in OpenSSL. This type confusion vulnerability allows a remote attacker to cause a denial of service DoS by providing specially crafted PKCS7 data to an application that performs signature verification. The vulnerability occurs because the application accesses an ASN1TYPE union...
CVE-2025-11002
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on...
Absolute Secure Access security vulnerability
Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for both mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.20 contained a security vulnerability that could cause server crashes if...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001076)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001076 advisory. The sctpsfootb function in net/sctp/smstatefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000845)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000845 advisory. net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002268)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002268 advisory. net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of...