61 matches found

NVD
added 2026/05/28 10:16 a.m., 7 views

CVE-2026-46186

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtio_bt: validate rx pkt_type header length. virtbt_rx_handle reads the leading pkt_type byte from the RX skb and forwards the remainder to hci_recv_frame for every event/ACL/SCO/ISO type, without checking that the remaining...

0.00032 EPSS
Exploits 0, References 7
ATTACKERKB
added 2026/05/28 9:36 a.m., 7 views

CVE-2026-46186

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtio_bt: validate rx pkt_type header length. virtbt_rx_handle reads the leading pkt_type byte from the RX skb and forwards the remainder to hci_recv_frame for every event/ACL/SCO/ISO type, without checking that the remaining...

5.7 AI score, 0.00032 EPSS
Exploits 0, References 8, Affected Software 1
AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – Fixed possible out-of-bounds (OOB) access in mt7996_mac_write_txwi_80211. The frame length was checked before accessing the mgmt fields in mt7996_mac_write_txwi_80211 in order to avoid possible OOB access...

7.1 CVSS, 5.7 AI score, 0.00018 EPSS
Exploits 0, References 1
AstraLinux
added 2026/05/20 5:53 a.m., 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Fix for Rx page leaks in multi-buffer frames. The ice_put_rx_mbuf function handles calling ice_put_rx_buf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice...

5.5 CVSS, 5.5 AI score, 0.00013 EPSS
Exploits 0, References 2
CNNVD
added 2026/05/01 12:0 a.m., 6 views

Bandit security vulnerability

Bandit is a high-performance HTTP and WebSocket server from the individual developer Mat Trudel. A security vulnerability exists in Bandit version 0.3.6 through versions prior to 1.11.0, which stems from HTTP/2 frame deserialization that buffers the entire body of a frame before checking the size...

6.9 CVSS, 5.8 AI score, 0.00031 EPSS
Exploits 0, References 1
Cvelist
added 2026/04/15 3:18 a.m., 22 views

CVE-2026-6328 XQUIC Improper STREAM Frame Validation in Initial/Handshake Packets

Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux QUIC protocol implementation, packet processing module, STREAM frame handler modules allows Protocol Manipulation. This issue affects XQUIC: through 1.8.3...

8.3 CVSS, 0.00046 EPSS
Exploits 0, References 1
Vulnrichment
added 2026/03/31 6:45 a.m., 2 views

CVE-2026-5185 Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-based overflow

A security flaw has been discovered in Nothings stb_image up to 2.30. This affects the function stbi__gif_load_next of the file stb_image.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

5.3 CVSS, 6.1 AI score, 0.00015 EPSS
Exploits 0, References 3
Positive Technologies
added 2026/03/26 12:0 a.m., 2 views

PT-2026-36449

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: In the NFC pn533 component, the pn532_receive_buf function appends incoming bytes to dev->recv_skb and only resets the buffer upon recognition of a complete frame by pn532_uart_rx_is_fram...

7.2 CVSS, 5.7 AI score, 0.00015 EPSS
Exploits 0, References 22
EUVD
added 2026/03/16 3:30 p.m., 0 views

EUVD-2026-12156

Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. User interaction is required to exploit this...

8 CVSS, 6.3 AI score, 0.00071 EPSS
Exploits 0, References 2
CNNVD
added 2026/01/12 12:0 a.m., 3 views

RIOT OS security vulnerability

RIOT OS is an IoT operating system from RIOT Open Source. A security vulnerability exists in RIOT OS version 2026.01-devel-317 and earlier, which stems from a lack of boundary checking when the ethos tool handles serial frame data, which could lead to memory corruption and application crashes...

9.8 CVSS, 5.8 AI score, 0.00087 EPSS
Exploits 0, References 5
RedhatCVE
added 2026/01/09 10:47 a.m., 5 views

CVE-2022-31780

Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...

7.5 CVSS, 6.6 AI score, 0.04835 EPSS
Exploits 0, References 1
Positive Technologies
added 2025/12/30 12:0 a.m., 2 views

PT-2025-53935

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-syzkaller-02734-g0326074ff465. Description: The Linux kernel contained a flaw within the networking component, specifically in the hsr High Speed Resilient functionality. A null dereference issue was identifi...

6.7 AI score, 0.00021 EPSS
Exploits 0, References 6
RedhatCVE
added 2025/12/02 12:22 p.m., 3 views

CVE-2020-36872

BACnet Test Server versions up to and including 1.01 contain a remote denial of service vulnerability in its BACnet/IP BVLC packet handling. The server fails to properly validate the BVLC Length field in incoming UDP BVLC frames on the default BACnet port 47808/udp. A remote unauthenticated...

8.7 CVSS, 6.8 AI score, 0.00344 EPSS
Exploits 1, References 1
Tenable Nessus
added 2025/11/18 12:0 a.m., 3 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53104)

media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format. This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming. This plugin only works with Tenable.ot. Please visit...

7.8 CVSS, 7.6 AI score, 0.18032 EPSS
Exploits 1, References 4
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-19166

Malicious code in bioql PyPI...

7.5 CVSS, 6.6 AI score, 0.00151 EPSS
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2023-32403

Malicious code in bioql PyPI...

6.5 CVSS, 6.6 AI score, 0.00122 EPSS
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2025-31032

Malicious code in bioql PyPI...

7.4 CVSS, 6.4 AI score, 0.00035 EPSS
Exploits 0, References 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-53173

Malicious code in bioql PyPI...

7.5 CVSS, 7.4 AI score, 0.04835 EPSS
Exploits 0, References 5
OSV
added 2025/09/23 6:15 a.m., 0 views

UBUNTU-CVE-2025-39873

In the Linux kernel, the following vulnerability has been resolved: can: xilinx_can: xcan_write_frame: fix use-after-free of transmitted SKB. can_put_echo_skb takes ownership of the SKB and it may be freed during or after the call. However, xilinx_can xcan_write_frame keeps using SKB after the call. Fix th...

7.8 CVSS, 6.6 AI score, 0.0002 EPSS
Exploits 0, References 32
Tenable Nessus
added 2025/09/17 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2023-53321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211_hwsim: drop short frames. While technically some control frames like ACK are shorter and end after Address 1, such frames shouldn't be forwarded...

7.1 CVSS, 6.3 AI score, 0.00017 EPSS
Exploits 0, References 3