206 matches found
EUVD-2026-24628
Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0...
kernel: net/sched: cls_u32: use skb_header_pointer_careful()
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
CVE-2026-6839
The vulnerability CVE-2026-6839 affects Samsung ONE (Open Source ONE). Root cause: improper validation of STRING tensor offsets during constant tensor import, which can trigger out-of-bounds access. Affected versions are prior to commit 1.30.0. Impact described by CVSS: LOCAL attacker with low at...
kernel: net/sched: cls_u32: use skb_header_pointer_careful()
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011252)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011252 advisory. In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This is motivated by OOB access in...
CVE-2026-40335
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackDPV in camlibs/ptp2/ptp-pack.c lines 622–629. The UINT128 and INT128 cases advance offset += 16 without verifying that 16 bytes remain in the buffer. The entry check at li...
CLEANSTART-2026-WA14162 Delete function fails to properly validate offsets when processing malformed JSON input
Multiple security vulnerabilities affect the prometheus package. The Delete function fails to properly validate offsets when processing malformed JSON input. See references for individual vulnerability details...
CLEANSTART-2026-JY63371 Delete function fails to properly validate offsets when processing malformed JSON input
Multiple security vulnerabilities affect the prometheus package. The Delete function fails to properly validate offsets when processing malformed JSON input. See references for individual vulnerability details...
SUSE CVE-2026-32285
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
CVE-2026-32285
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
CVE-2026-32285 Denial of service in github.com/buger/jsonparser
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
CVE-2026-32285
The CVE-2026-32285 vulnerability involves the Delete function failing to validate offsets when processing malformed JSON, which can cause a negative slice index and a runtime panic, enabling a denial-of-service. Connected advisories confirm this CVE with affected packages including rclone and cri...
CVE-2026-32285
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
EUVD-2026-16345
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
CVE-2026-32285
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
Google Go 安全漏洞
Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the failure to correctly validate offsets when processing JSON inputs with formattin...
CVE-2026-32829
lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...
CVE-2026-32829 lz4_flex: Decompression can leak information from uninitialized memory or reused output buffer
lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...
CVE-2026-32829 lz4_flex: Decompression can leak information from uninitialized memory or reused output buffer
lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...
EUVD-2026-13426
lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...