
32 matches found

Cvelist
added 2 days ago · 24 views

CVE-2026-46553 NocoDB: Attachment Size Limit Bypass via Upload-by-URL

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NC_ATTACHMENT_FIELD_SIZE against either the remote file's advertised Content-Length or the decoded length of a data: URI, allowing an authenticated user to bypass the configured...

CVSS 5.3 · EPSS 0.0024
Exploits: 0 · References: 1

Positive Technologies
added 2026/05/28 12:0 a.m. · 11 views

PT-2026-44263

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the Bluetooth btmtk component where the btmtk_usb_hci_wmt_sync function casts WMT event response SKB data to struct btmtk_hci_wmt_evt (7 bytes) and struct btmtk_hci_wmt...

CVSS 9.8 · AI score 5.9 · EPSS 0.03663
Exploits: 14 · References: 280

SUSE CVE
added 2026/05/16 1:12 a.m. · 7 views

SUSE CVE-2026-42582

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoder#decodeHuffmanEncodedLiteral may execute new byte[length] for a string literal before verifying that length byt...

CVSS 7.5 · AI score 5.8 · EPSS 0.00437
Exploits: 1 · References: 4

OSV
added 2026/05/11 9:15 a.m. · 4 views

CLSA-2026-1778490923 httpd: Fix of 9 CVEs

CVE-2026-33857: fix length checks in AJP msgget functions - CVE-2026-34032: fix ajp_msg_get_string buffer checks - CVE-2026-34059: fix ajp_parse_data message len check - CVE-2026-24072: use AP_EXPR_FLAG_RESTRICTED in htaccess - CVE-2026-29169: mod_dav_lock: use the right dav_lock_discovery - CVE-2026-33006:...

CVSS 9.8 · AI score 5.9 · EPSS 0.00717
Exploits: 2 · References: 1

Tenable Nessus
added 2026/01/21 12:0 a.m. · 10 views

Oracle Linux 8 : kernel (ELSA-2026-0759)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0759 advisory. - net: atlantic: fix fragment overflow handling in RX path CKI Backport Bot RHEL-139482 CVE-2025-68301 - smb: client: let recv_done verify data_offset,...

CVSS 7.8 · AI score 7.1 · EPSS 0.00177
Exploits: 0 · References: 6

Vulnrichment
added 2026/01/19 5:12 p.m. · 5 views

CVE-2026-23732 FreeRDP has heap-buffer-overflow in Glyph_Alloc

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts cbData/remaining length and never validates against the minimum size implied by cx/cy. A malicious server can trigger a client‑side global buffer overflow, causing a crash DoS. Versi...

CVSS 6.9 · AI score 5.7 · EPSS 0.00481
Exploits: 1 · References: 6

SUSE CVE
added 2025/12/24 12:24 a.m. · 2 views

SUSE CVE-2025-68342

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback: check actual_length before accessing data. The URB received in gs_usb_receive_bulk_callback contains a struct gs_host_frame. The length of the data after the header depends on the gs_host_frame hf::fla...

CVSS 6.1 · AI score 6.4 · EPSS 0.00156
Exploits: 0 · References: 7

CNNVD
added 2025/12/23 12:0 a.m. · 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check data length in gs_usb_receive_bulk_callback, which could lead to an out-of-bounds read...

AI score 6.1 · EPSS 0.00156
Exploits: 0 · References: 5

UbuntuCve
added 2025/12/23 12:0 a.m. · 2 views

CVE-2025-68342

In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback: check actual_length before accessing data. The URB received in gs_usb_receive_bulk_callback contains a struct gs_host_frame. The length of the data after the header depends on the gs_host_frame hf::fla...

AI score 5.9 · EPSS 0.00156
Exploits: 0 · References: 22

EUVD
added 2025/10/08 12:30 p.m. · 4 views

EUVD-2025-31823

A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /editcustomer.php. The manipulation of the argument ID results in SQL injection. The attack may be performed remotely. The exploit is now public and may be used...

CVSS 9.8 · AI score 7.2 · EPSS 0.00431
Exploits: 1 · References: 7

Cvelist
added 2025/10/06 8:9 a.m. · 10 views

CVE-2025-59731 Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rle_raw_size from the input file at 0, we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size a...

CVSS 6.9 · EPSS 0.00158
Exploits: 0 · References: 1

EUVD
added 2025/10/04 9:30 a.m. · 2 views

EUVD-2025-32393

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size. This is inspired by the check for data_offset + data_length...

AI score 6 · EPSS 0.00133
Exploits: 0 · References: 6

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-24564

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 6.6 · EPSS 0.00379
Exploits: 0 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2021-7449

Malicious code in bioql PyPI...

CVSS 8.4 · AI score 7 · EPSS 0.00146
Exploits: 0 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2022-27238

Malicious code in bioql PyPI...

CVSS 8.4 · AI score 7.6 · EPSS 0.00157
Exploits: 0 · References: 1

NVD
added 2025/10/01 8:15 a.m. · 2 views

CVE-2025-39928

In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: ensure data length is within supported range. Add an explicit check for the xfer length to 'rtl9300_i2c_config_xfer' to ensure the data length isn't within the supported range. In particular a data length of 0 is not...

CVSS 5.5 · EPSS 0.00116
Exploits: 0 · References: 2

Positive Technologies
added 2025/09/14 12:0 a.m. · 3 views

PT-2025-40638

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel's ksmbd component, specifically within the smbdirect functionality. The issue involves insufficient verification of remaining data length against max...

CVSS 7.7 · AI score 7.3 · EPSS 0.00133
Exploits: 0

RedhatCVE
added 2025/02/05 8:1 p.m. · 7 views

CVE-2022-22084

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVSS 8.4 · AI score 7.3 · EPSS 0.00157
Exploits: 0 · References: 1

Cvelist
added 2024/07/09 12:0 a.m. · 21 views

CVE-2024-27362

A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to an information disclosure...

CVSS 4.4 · EPSS 0.00314
Exploits: 0 · References: 2

Positive Technologies
added 2024/07/09 12:0 a.m. · 5 views

PT-2024-21848 · Samsung · Exynos 1330 +7

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processors Exynos 850, Samsung Mobile Processors Exynos 1080, Samsung Mobile Processors Exynos 2100, Samsung Mobile Processors Exynos 2200, Samsung Mobile Processors Exynos 1280, Samsung Mobile Processors Exynos 1380, Samsung Mobile...

CVSS 7.5 · AI score 6.9 · EPSS 0.00379
Exploits: 0 · References: 4