ROS-20260429-73-0026

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260424-73-0002

Vulnerability in gimp related to buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

PT-2026-34383

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ksmbd module where the smb2 calc max out buf len function used a hardcoded magic number for the hdr2 len argument instead of the correct offset of the Buffer field...

CVE-2026-5450 scanf %mc off-by-one heap buffer overflow

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

UBUNTU-CVE-2026-23467

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

CVE-2026-30873

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

PT-2026-26382

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jp get token function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

ROS-20260319-73-0035

Vulnerability in vim related to buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260310-73-0017

An Exim mail server vulnerability is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Hitachi Energy RTU500 Product Allocation of Resources Without Limits or Throttling (CVE-2025-59375)

libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. Product is only affected if IEC61850 functionality is configured. This plugin only works with Tenable.ot. Please visit...

Secure In-Memory Execution with W^X Enforcement Using mprotect

This C program demonstrates how to dynamically control memory allocation with the W^X protection principle...

Important: mingw-fontconfig security update

MinGW Windows Fontconfig library. Security Fixes: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 For more details about the security issues, including the impact, a CVSS score, acknowledgments...

ROS-20260224-73-0004

Vulnerability in gimp related to buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

TFM-POC-Dynamic-MEM-Windows

TFM...

ROS-20251216-7314

Vulnerability in qt6-qtbase related to buffer overflow in dynamic memory. Exploitation of the vulnerability may allow a remote attacker to execute arbitrary code...

Security Bulletin: Vulnerability in expat affects IBM Netezza Appliance

Summary The expat package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-59375 Vulnerability Details CVEID:CVE-2025-59375 DESCRIPTION: libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small docume...

Advisory ROSA-SA-2025-3092

Software: squid 3.5.20 OS: rosa-server79 unaffected versions = squid-3.5.20-17.0.9.res7.13 affected versions squid-3.5.20-17.0.9.res7.13 CVE-ID: CVE-2025-54574 BDU-ID: 2025-09345 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the Squid proxy server is related to a buffer overflow in dynamic...

AlmaLinux 10 : expat (ALSA-2025:19403)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:19403 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 Tenable h...

Siemens SIMATIC Devices Improper Input Validation (CVE-2023-51767)

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mmanswerauthpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...

EUVD-2025-35068

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix warning in smcrxsplice when calling getpage smcloregisterdmb allocates DMB buffers with kzalloc, which are later passed to getpage in smcrxsplice. Since kmalloc memory is not page-backed, this triggers WARNONONCE in...