FreeBSD Security Advisory - FreeBSD-SA-25:06.xz

FreeBSD Security Advisory - A worker thread could free its input buffer after decoding, while the main thread might still be writing to it. This leads to an use-after-free condition on heap memory...

PT-2025-28013 · Mbed Tls · Mbed Tls

Name of the Vulnerable Software and Affected Versions: MbedTLS versions 3.3.0 through 3.6.3 Description: The issue arises from the function mbedtls lms import public key not checking if the input buffer is at least 4 bytes before reading a 32-bit field. This allows for a possible out-of-bounds re...

PT-2025-33595

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the hwmon component, specifically within the corsair-cpro driver. The vulnerability involves insufficient validation of the size of received input...

The vulnerability of the Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Framework component of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the Framework component in the Android operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the /goform/UserCongratulationsExec file in the Tenda AC10 router microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the /goform/UserCongratulationsExec microprogramming system for Tenda AC10 routers lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVE-2021-1910

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2020-1832

E6878-370 products with versions of 10.0.3.1H557SP27C233 and 10.0.3.1H563SP1C00 have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead ...

CVE-2019-5690

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape in which the size of an input buffer is not validated, which may lead to denial of service or escalation of privileges...

CVE-2019-2244

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...

kernel: smb: client: fix OOBs when building SMB2_IOCTL request

A flaw was found in the cifs module in the Linux kernel. When building SMB2IOCTL requests using encryption, either enforced by the server or using the 'seal' mount option, an out-of-bounds write can be triggered when the user passes an input buffer greater than 328 bytes, resulting in memory...

The vulnerability of the formWlSiteSurvey function in the microprogramming software for EDIMAX RE11S routers allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the formWlSiteSurvey function in the microprogrammed routing software EDIMAX RE11S lies in the copying of buffers without checking the size of the input data when processing the selSSID parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code or...

The vulnerability of the Routing Protocol Demon (rpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Routing Protocol Data rpd in Juniper Networks’ Junos OS and Junos OS Evolved operating systems lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending...

The vulnerability of the txt_get_unicode() function in the devices/vector/doc_common.c file of the Ghostscript document processing, conversion, and generation software allows a hacker to execute arbitrary code.

The vulnerability of the txtgetunicode function in the devices/vector/doccommon.c file of the Ghostscript document processing, conversion, and generation software set is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

The vulnerabilities of the functions php_libxml_input_buffer_create_filename() and php_libxml_sniff_charset_from_stream() in the PHP interpreter allow a hacker to redirect users to any desired URL address.

The vulnerabilities of the functions phplibxmlinputbuffercreatefilename and phplibxmlsniffcharsetfromstream in the PHP interpreter are related to the use of open redirection. Exploiting these vulnerabilities could allow a malicious actor to redirect users to any desired URL address...

PT-2025-9249

Name of the Vulnerable Software and Affected Versions Paragon Partition Manager version 7.9.1 Description The issue is caused by a null pointer dereference vulnerability within biontdrv.sys, resulting from a lack of a valid MasterLrp structure in the input buffer. This allows an attacker to execu...

CVE-2024-21480

Memory corruption while playing audio file having large-sized input buffer...

Suricata < 7.0.8 Multiple Vulnerabilities

The version of OISF Suricata installed on the remote host is prior to 6.0.19 or 7.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities: - A large input buffer to one of the following transforms can lead to a stack overflow causing Suricata to crash in the following transforms:...

CVE-2024-55605 Suricata allows stack overflow in transforms

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the tolowercase, touppercase, stripwhitespace, compresswhitespace, dotprefix, headerlowercase, strippseudoheaders, urldecode, or xor...

The vulnerability of the formAdvanceSetup function (/goform/formAdvanceSetup) in D-Link DIR-605L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the formAdvanceSetup function /goform/formAdvanceSetup in D-Link DIR-605L router microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using the webpage...