📄 Samsung QuramDng Out-Of-Bounds Write

Samsung QuramDng has an invalid LossyJpeg component assumption that leads to an out-of-bounds write. BACKGROUND Samsung Android uses an internal DNG decoding library, QuramDng in libimagecodec.quram.so, to decode images in com.samsung.ipservice and com.samsung.gallery3d. Samsung Gallery will deco...

CVE-2025-21072

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

RockyLinux 8 : container-tools:rhel8 (RLSA-2023:2758)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2758 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions CVE-2022-196...

CVE-2025-53965

The CVE-2025-53965 entry concerns a lack of bounds checking in the function that decodes the SOR transparent container, affecting Samsung Mobile Processor, Wearable Processor, and Modem Exynos lines (models including 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930,...

CVE-2025-53965

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking...

PT-2025-48963

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980 Samsung Mobile Processor, Wearable Processor, and Modem Exynos 990 Samsung Mobile Processor, Wearable Processor, and Modem Exynos 850 Samsung Mobile Processor, Wearable...

CVE-2025-21072

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21072

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21072

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-21072

CVE-2025-21072 is an out-of-bounds write vulnerability in the fingerprint trustlet metadata decoding on Samsung mobile devices, enabling a local privileged attacker to write memory outside allocated boundaries. Affected component: fingerprint trustlet. Root cause: improper handling during metadat...

CVE-2025-21072

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

EUVD-2025-200145

Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

📄 macOS Sonoma 14.5 Denial of Service

macOS Sonoma version 14.5 has a vulnerability in the AV1Syntax::ParseHeader function that can allow for a kernel crash. ============================================================================================================================================= | Title : macOS Sonoma 14.5 potenti...

PT-2025-48591

Name of the Vulnerable Software and Affected Versions Fingerprint trustlet versions prior to SMR Dec-2025 Release 1 Description An out-of-bounds write issue exists in the decoding of metadata within the fingerprint trustlet. This allows a local privileged attacker to write to memory outside of...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Mobile Devices that originates from an out-of-bounds write when decoding metadata, which could result in...

PT-2026-5434

Name of the Vulnerable Software and Affected Versions Salt affected versions not specified Description The Salt junos execution module has an issue with how it processes YAML data. Specifically, it uses an unsafe method to decode and load YAML. A carefully designed YAML payload processed by the...

Exploit for Use of Uninitialized Resource in Microsoft

Proof-of-Concept exploit for the Untrusted Pointer Dereferenc...

Exploit for Use of Uninitialized Resource in Microsoft

Proof-of-Concept exploit for the Untrusted Pointer Dereferenc...

bind security update

32:9.16.23-34.0.1.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-34.1 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Replace downstream fixes with upstream changes - Address various spoofing attacks CVE-2025-40778 32:9.16.23-34 - Fix failures in idn...

EUVD-2025-199017

pypdf's LZWDecode streams be manipulated to exhaust RAM...