115 matches found
CVE-2026-48132 VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP
The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...
Astra Linux - уязвимость в libstb
STBVorbis is a single-file library licensed under MIT, designed for processing OGG Vorbis files. A maliciously crafted file may trigger an out-of-bounds write vulnerability in the line f-vendorlen = char'\0';. The root cause of this issue is that if len, read from startdecoder, is a negative...
CVE-2026-31697
A flaw was found in the Linux kernel's crypto: ccp driver. A local user could exploit this vulnerability by attempting to retrieve the CPU ID when a firmware command fails due to an invalid length. This can cause an overflow of a kernel-allocated buffer, leading to the disclosure of sensitive...
PT-2026-36382
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overrun can occur in the me4000 xilinx download function when loading firmware requested by request firmware. The function reads a data stream length from the first 4 bytes into...
CVE-2026-6862 Efivar: efivar: denial of service due to stack overflow in device path node parsing
A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI Extensible Firmware Interface device path node header. A local user could exploit this...
JLSEC-2026-94
In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...
CVE-2025-47373
Memory Corruption when accessing buffers with invalid length during TA invocation...
CVE-2025-47373
Memory Corruption when accessing buffers with invalid length during TA invocation...
EUVD-2025-208183
Memory Corruption when accessing buffers with invalid length during TA invocation...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from using an invalid length to access the buffer during TA calls, potentially leading to memory corruption...
PT-2026-22639
Name of the Vulnerable Software and Affected Versions affected versions not specified Description A memory corruption issue exists when accessing buffers with an invalid length during a Trusted Application TA invocation. This can lead to unpredictable behavior or potential compromise of the syste...
📄 zlib crc32_combine_gen64 Denial of Service
zlib versions prior to 1.3.2 has an infinite loop vulnerability in the crc32combinegen64 function that can result in a denial of service condition. ============================================================================================================================================= | Title...
Crypt::URandom 安全漏洞
Crypt::URandom is an encrypted Perl library developed by DDICK’s individual developers. Versions of Crypt::URandom prior to 0.55 contained security vulnerabilities. These vulnerabilities stemmed from a heap buffer overflow in the XS function crypturandomgetrandom. This function did not validate t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002964)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002964 advisory. The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service panic by leveraging...
EUVD-2020-30820
BACnet Test Server versions up to and including 1.01 contains a remote denial of service vulnerability in its BACnet/IP BVLC packet handling. The server fails to properly validate the BVLC Length field in incoming UDP BVLC frames on the default BACnet port 47808/udp. A remote unauthenticated...
CVE-2020-36872
CVE-2020-36872 affects BACnet Test Server versions up to and including 1.01. It has a remote denial-of-service vulnerability in BACnet/IP BVLC UDP handling caused by improper validation of the BVLC Length field on port 47808. An unauthenticated attacker can send a malformed BVLC Length value to t...
PT-2025-48193
Name of the Vulnerable Software and Affected Versions BACnet Test Server versions up to and including 1.01 Description BACnet Test Server is susceptible to a remote denial of service. The server does not correctly validate the BVLC Length field within incoming UDP BVLC frames on the default BACne...
EUVD-2006-5410
Malware in sbrugna...
EUVD-2021-17204
Malware in sbrugna...
EUVD-2008-4598
Malware in sbrugna...