65 matches found
CVE-2026-3084
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...
ASB-A-432728472
In tlsrxmsgsize of tlssw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-15359
DVP-12SE11T - Out-of-bound memory write Vulnerability...
Siemens SIMATIC Devices Out-of-bounds Write (CVE-2021-4090)
An out-of-bounds OOB memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmvalbmlen-1 in nfsd4decodebitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system...
EUVD-2017-8826
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414534)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414534 advisory. An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with NFS. A...
Linux Distros Unpatched Vulnerability : CVE-2018-6063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process...
Linux Distros Unpatched Vulnerability : CVE-2021-32027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values,...
Linux Distros Unpatched Vulnerability : CVE-2022-1943
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers...
Linux Distros Unpatched Vulnerability : CVE-2020-14305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory write flaw was found in how the Linux kernel's Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port...
CVE-2021-26344
An out of bounds memory write when processing the AMD PSP1 Configuration Block APCB could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution...
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead
An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead
An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...
Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6653-4)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6653-4 advisory. It was discovered that a race condition existed in the ATM Asynchronous Transfer Mode subsystem of the Linux kernel, leading to a use-after-free...
kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead
An out-of-bounds memory write flaw was found in qfqchangeagg in net/sched/schqfq.c in the Traffic Control QoS subsystem in the Linux kernel. This flaw allows a local user to crash or potentially escalate their privileges on the system...
AZL-34873 CVE-2024-0646 affecting package kernel for versions less than 6.6.35.1-4
An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system...
CVE-2024-0646
CVE-2024-0646 describes an out-of-bounds memory write in the Linux kernel’s Transport Layer Security path, occurring when a user calls a splice function with a ktls socket as the destination. The issue could allow a local user to crash the system or potentially escalate privileges. Connected advi...
AZL-34807 CVE-2023-51257 affecting package jasper for versions less than 4.2.1-1
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code...