108 matches found
SUSE CVE-2020-37011
Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...
CVE-2025-10888
AA maliciously crafted MODEL file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
macOS 26.x < 26.2 Multiple Vulnerabilities (125886)
The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.2. It is, therefore, affected by multiple vulnerabilities: - A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing fo...
CVE-2025-40304
CVE-2025-40304: Linux kernel fbdev rendering bounds check added for bit_putcs to prevent vmalloc-out-of-bounds writes when clipping framebuffer text at screen edges. The fix clips Y off-screen, adjusts image height, breaks on off-screen X, and updates the character count when clipping width to av...
Linux Distros Unpatched Vulnerability : CVE-2025-40082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc BUG: KASAN: slab-out-of-bounds in hfsplusuni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at...
Delta Electronics DIAScreen DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code. The vulnerability, tracked as CVE-2025-9242 CVSS score: 9.3, is described as an out-of-bounds write...
CVE-2025-62492
A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf when a negative fromIndex argument is supplied. The fromIndex argument read as a double variable, $d$ is used to calculate the starting position f...
CVE-2025-62492
A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf when a negative fromIndex argument is supplied. The fromIndex argument read as a double variable, $d$ is used to calculate the starting position f...
CVE-2025-55700
Out-of-bounds read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...
CVE-2025-11412 GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds
A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfdelfgcrecordvtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987395)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987395 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifswbufwritenolock Function ubifswbufwritenolock may access b...
SUSE CVE-2023-53600
In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ipcomputecsum+0x134/0x220 Read of size 4 at addr ffff88811c50db00 by...
CVE-2023-53521 scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in sesintfremove A fix for: BUG: KASAN: slab-out-of-bounds in sesintfremove+0x23f/0x270 ses Read of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013 When edev-components is zero, accessing...
Linux Distros Unpatched Vulnerability : CVE-2023-4692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image,...
CVE-2025-38568 net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
Amazon Linux 2 : LibRaw (ALAS-2025-2974)
The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2974 advisory. In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. CVE-2025-43961 In...
Linux Distros Unpatched Vulnerability : CVE-2021-38202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service out-of-bounds read in strlen by sending NFS traffic...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if setmemoryencrypted fails CVE-2024-36913 In the Linux kernel, the following vulnerability has been resolved: xfs: don't walk off the end of a directory data block CVE-2024-41013 In...
The vulnerability of the fromNatStaticSetting() function in the Tenda FH451 router’s microprogramming software allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the fromNatStaticSetting function in the Tenda FH451 router’s microprogramming software is related to the execution of operations outside the buffer in memory when processing the page parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code ...