ROS-20260524-73-0026

Vulnerability in docker-ce related to a single offset error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

CVE-2026-43062

CVE-2026-43062 concerns the Linux kernel Bluetooth L2CAP path, where l2cap_ecred_reconf_rsp() incorrectly casts incoming data to struct l2cap_ecred_conn_rsp instead of struct l2cap_ecred_reconf_rsp. This type confusion causes: (1) the length check to require 8 bytes instead of 2, rejecting valid ...

PT-2026-37065

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A type confusion issue exists in the Bluetooth L2CAP component within the l2cap ecred reconf rsp function. The function incorrectly casts incoming data to struct l2cap ecred conn rsp...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: block: Fixed an incorrect offset in biotruncate The biotruncate function clears the buffer outside of the last block of bdev. However, the current implementation of biotruncate uses the wrong offset for the page. As a result, it...

ROS-20260310-73-0003

Vulnerability in nbdkit related to a single offset error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260126-73-0010

Vulnerability in kernel-lt related to a single offset error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-47349

CVE-2025-47349 describes memory corruption in Qualcomm chipsets when processing an escape call, related to an out-of-range pointer offset in the DSP service. The Red Hat/NVD/CVE records corroborate a memory corruption impact with high severity (local, attacker requires low privileges, no user int...

CVE-2025-27059

CVE-2025-27059 is a memory corruption issue occurring when performing an SCM call in Qualcomm TZ firmware. The CVE entry and multiple connected sources (Red Hat, NVD, CVEList, CNNVD) describe memory corruption triggered during SCM calls, with the CVEList title explicitly noting use of an out-of-r...

EUVD-2017-7591

Malware in sbrugna...

CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = u8 r1 + 169; exit; With pointer field sk being at offset 168 in skbuff. This access is...

The vulnerability in the `libavfilter/avf_showspectrum.c` component of the FFmpeg multimedia library, related to a single shift error, allows attackers to trigger a service failure.

The vulnerability of the libavfilter/avfshowspectrum.c component in the FFmpeg multimedia library is related to a single-precision offset error. Exploiting this vulnerability could allow an attacker to cause a system failure...

SUSE CVE-2022-48747

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing f...

xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing f...

USN-6446-3 linux-oracle-5.15 vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

CVE-2023-5367

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing f...

SUSE CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

The vulnerability of the DwaCompressor::Classifier::Classifier function in software for storing images with wide dynamic range brightness in OpenEXR, related to a single offset error, allows attackers to cause service interruptions.

The vulnerability of the DwaCompressor::Classifier::Classifier function in software for storing images with wide dynamic range brightness in OpenEXR is related to a single-shift error. Exploiting this vulnerability could allow an attacker to cause service failures...

CVE-2017-16404

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer;...