CVE-2020-35919

An issue was discovered in the net2 crate before 0.2.36 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

CVE-2018-21052

An issue was discovered on Samsung mobile devices with N7.x and O8.X Exynos chipsets software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 October 2018...

CVE-2019-14032

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017,...

CVE-2019-10517

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096,...

CVE-2019-8629

A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges...

CVE-2019-17183

Foxit Reader before 9.7 allows an Access Violation and crash if insufficient memory exists...

CVE-2019-14192

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call...

CVE-2019-10600

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...

CVE-2018-25018

UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext...

CVE-2018-12064

tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h...

CVE-2025-22886

OpenHarmony vulnerability CVE-2025-22886 affects OpenHarmony v5.0.3 and earlier. The issue stems from missing release of memory in a component, enabling a local attacker to cause a Denial of Service. Affected scope is limited to local access; integrity and confidentiality are not impacted per ava...

USN-7480-1 openjdk-8 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 8 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 8 incorrectly handled compiler transformations. An...

The vulnerability of the gf_filterpacket_del function on the multimedia platform GPAC allows a hacker to cause a service failure.

The vulnerability of the gffilterpacketdel function on the GPAC multimedia platform is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2025-37754

In the Linux kernel, the following vulnerability has been resolved: drm/i915/huc: Fix fence not released on early probe errors HuC delayed loading fence, introduced with commit 27536e03271da "drm/i915/huc: track delayed HuC load with a fence", is registered with object tracker early on driver pro...

CVE-2025-46688

quickjs-ng through 0.9.0 has an incorrect size calculation in JSReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected...

CVE-2025-21605

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

Security update for erlang26

This update for erlang26 fixes the following issues: CVE-2025-30211: Fixed KEX init error results with excessive memory usage bsc1240390 CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH bsc1241300 Patch Instructions: To install this SUSE update use the SUSE recommende...

CVE-2025-38152

CVE-2025-38152 affects the Linux kernel remoteproc subsystem. The root cause is the rproc_shutdown path not clearing rproc->table_sz, which allows a memcpy of loaded_table from rproc->cached_table to use a NULL rproc->cached_table after stopping, causing a kernel crash. The issue is repo...

CVE-2025-38152 remoteproc: core: Clear table_sz when rproc_shutdown

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear tablesz when rprocshutdown There is case as below could trigger kernel dump: Use U-Boot to start remote processorrproc with resource table published to a fixed address by rproc. After Kernel boots up, stop...

CVE-2025-22121

CVE-2025-22121 – Linux kernel ext4 xattr check bypass (out-of-bounds read) What’s affected: Linux kernel ext4 filesystem code, specifically ext4_xattr_inode_dec_ref_all() and related xattr handling paths that can read beyond allocated buffers when inodes contain xattrs. What’s the issue: A read o...