CVE-2026-43386

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix potential out-of-bounds read in rtwrestructwmmie The current code checks 'i + 5 inlen' at the end of the if statement. However, it accesses 'iniei + 5' before that check, which can lead to an out-of-bounds...

Astra Linux - уязвимость в qtsvg-opensource-src, qt4-x11

A flaw was discovered in Qt. A out-of-bounds read vulnerability was identified in QRadialFetchSimd, located at qt/qtbase/src/gui/painting/qdrawhelperp.h within Qt/Qtbase. When rendering and displaying a crafted Scalable Vector Graphics SVG file, this flaw may lead to unauthorized memory access. T...

github.com/gomarkdown/markdown: Out-of-bounds Read in SmartypantsRenderer

...

CVE-2026-23455 netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: check for zero length in DecodeQ931 In DecodeQ931, the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to...

Out-of-bounds Read

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Out-of-bounds Read in the second-instance event handler when parsing a crafted second-instance message via...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup (SUSE-SU-2026:0257-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0257-1 advisory. - CVE-2026-0716: Fixed out-of-bounds read for websocket bsc1256418 - CVE-2026-0719: Fixed overfl...

MiracleLinux 8 : p11-kit-0.23.22-1.el8 (AXSA:2021-1862:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1862:01 advisory. p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers CVE-2020-29361 p11-kit: out-of-bounds read in...

MiracleLinux 9 : libxml2-2.9.13-12.el9_6 (AXSA:2025-10724:15)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10724:15 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. The libxml2 library is a development toolbox...

CVE-2025-15506

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

CVE-2025-15506 AcademySoftwareFoundation OpenColorIO FileRules.cpp ConvertToRegularExpression out-of-bounds

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

AZL-60383 CVE-2025-32906 affecting package libsoup for versions less than 3.0.4-3

A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

CVE-2017-13321

In SensorService::isDataInjectionEnabled of frameworks/native/services/sensorservice/SensorService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...

libfluid 安全漏洞

libfluid is an Open Networking open source application. A security vulnerability exists in libfluid that stems from the fact that the fluidmsg::of13::QueueGetConfigReply::unpack routine contains an out-of-bounds read vulnerability...

CVE-2024-32897

In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo of protocolsmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation...

CVE-2024-32904

In ProtocolVsimOperationAdapter of protocolvsimadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation...

CVE-2024-20791

Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...

Out-of-bounds

In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993710...

CVE-2023-35661

In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-35652

In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation...

CVE-2023-35652

In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation...