Astra Linux - уязвимость в wireshark

In Wireshark versions 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This issue was addressed in the plugin plugins/epan/wimax/msgdlmap.c by validating the length field...

Open-Vehicle-Monitoring-System-3 安全漏洞

Open-Vehicle-Monitoring-System-3 is an open source vehicle remote monitoring and diagnostic control system from Open Vehicles. A security vulnerability exists in Open-Vehicle-Monitoring-System-3 version 3.3.005, which stems from the length field of the GVRET binary data in canformatgvret.cpp not...

CVE-2026-40253

A flaw was found in openCryptoki, a PKCS11 Cryptographic Token Interface Standard library. The BER/DER Basic Encoding Rules/Distinguished Encoding Rules decoding functions in the shared common library do not properly validate attacker-controlled length fields against actual buffer boundaries. Thi...

Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005364 advisory. In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msgdlmap.c by...

BACnet Test Server 资源管理错误漏洞

BACnet Test Server is a testing tool for BACnet protocol devices from BACnet USA. A resource management error vulnerability exists in BACnet Test Server version 1.01 and prior versions that stems from failure to properly validate the BVLC Length field in BACnet/IP BVLC packet processing, which...

CVE-2021-25848

Improper validation of the length field of LLDP-MED TLV in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to using fixed loop counter variable without checking the actual available length via a crafted lldp packet...

PT-2023-12568 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor affected versions not specified Description: The issue is related to the failure to validate the length fields of the ASP sensor fusion hub headers. This may allow an attacker with a malicious Uapp or ABL to map the ASP...

SUSE CVE-2020-9430

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msgdlmap.c by validating a length field...

CVE-2018-7325

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field...

UBUNTU-CVE-2018-7325

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field...

Memory corruption

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory...

freetype: out-of-bounds read in tt_cmap4_validate()

The ttcmap4validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted cmap SF...