CVE-2026-46199 drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vcn3 decoding message parsing process. This process does not check for boundaries, potentiall...

CLSA-2026-1778254557 httpd: Fix of 8 CVEs

CVE-2026-24072: modrewrite/modsetenvif: use APEXPRFLAGRESTRICTED in htaccess to prevent reading server-side files via apexpr from .htaccess - CVE-2026-29169: moddavlock: NULL pointer dereference in davgenericrefreshlocks use dpscan instead of dp - CVE-2026-33006: modauthdigest: timing attack —...

SUSE SLED15 / SLES15 Security Update : protobuf (SUSE-SU-2026:1653-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1653-1 advisory. Refresh fixes: - CVE-2025-4565: parsing of untrusted Protocol Buffers data containing an arbitrary number of...

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in the Secure Access client’s message parsing function prior to 14.50. An attacker able to control a modified server can send a crafted packet to overwrite a small portion of memory, potentially causing memory corruption or denial of service. Remediation: upgra...

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

CVE-2026-33447

CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...

PT-2026-36169

Name of the Vulnerable Software and Affected Versions Secure Access client versions prior to 14.50 Description A buffer overflow exists in a message parsing function of the client. Attackers controlling a modified server can send a specially crafted packet to overwrite a small portion of memory,...

CLSA-2026-1776941204 squid: Fix of CVE-2021-28116

CVE-2021-28116: fix out-of-bounds read in WCCPv2 message parsing via stricter bounds validation of security, service, router, view, and capability items...

EUVD-2025-209243

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DA...

PT-2026-30703

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400 Description A Stack-based Buffer Overflow...

NanoMQ 安全漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. There is a security vulnerability in NanoMQ, which stems from the use of the hookworkcb function to parse message bodies using cJSONParse. This leads to out-of-bounds read access to unallocated memory...

UBUNTU-CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

CLSA-2026-1772571803 munge: Fix of CVE-2026-25506

CVE-2026-25506: fix buffer overflow in message parsing and add bounds checks and input validation for address length; prevent leak of cryptographic MAC subkey and forging of arbitrary credentials...

Interpretation Conflict

Overview Affected versions of this package are vulnerable to Interpretation Conflict in the JSON-RPC and MCP protocol message parsing. An attacker can bypass intermediary inspection or cause cross-implementation inconsistencies by sending protocol messages with non-standard field casing or Unicod...

MUNGE: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery

A buffer overflow vulnerability was discovered in the MUNGE authentication daemon munged. In affected versions, a local attacker can potentially leak secret cryptographic key material from the daemon's memory by sending a specially crafted message with an oversized address field. With the leaked...

MUNGE: MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery

A buffer overflow vulnerability was discovered in the MUNGE authentication daemon munged. In affected versions, a local attacker can potentially leak secret cryptographic key material from the daemon's memory by sending a specially crafted message with an oversized address field. With the leaked...

GHSA-8H58-W33P-WQ3G rPGP affected by crash in message handling for deeply nested messages

Summary Previous rPGP versions could be caused to crash with a "stack overflow" when parsing messages that contain deeply nested message layers, such as messages with many signatures. rPGP 0.19.0 resolves this issue with a more robust message handling implementation via...