27 matches found
SUSE CVE-2026-34588
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and...
OpenEXR 缓冲区错误漏洞
OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR prior to 3.1.0 and 3.2.7, as well as versions prior to 3.3.9 and 3.4.9, contain a buffer error vulnerability. This vulnerability stems from integer overflows...
FreeRDP 缓冲区错误漏洞
FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained a buffer error vulnerability, which stemmed from a minor error in the bitmap caching subsystem. This vulnerability could lead to out-of-bounds reads and writes...
CVE-2026-23123
In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initialize srcnode and dstnode to empty strings The debugfscreatestr API assumes that the string pointer is either NULL or points to valid kmalloc memory. Leaving the pointer uninitialized can cause problem...
CVE-2026-22039
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...
Xen 安全漏洞
Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from a...
SUSE CVE-2025-11709
A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...
Mozilla -- Out-of-bounds reads and writes
[email protected] reports: A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures...
CVE-2025-0034
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVSPATIALPART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google USA. Google Pixel suffers from a security vulnerability that stems from insufficient input validation, which could lead to out-of-bounds reads and writes and local elevation of privilege...
EulerOS 2.0 SP9 : xorg-x11-server (EulerOS-SA-2024-1210)
According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by...
kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests
A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAPNETADMIN capability to crash or potentially...
kernel: memory corruption in AX88179_178A based USB ethernet device.
A flaw was found in the Linux kernel’s driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes...
Linux kernel 缓冲区错误漏洞
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from multiple out-of-bounds reads and possibly out-of-bounds writes contained in the Linux kernel driver for USB 2.0/3.0 Gigabit...
Denial Of Service (DoS)
libtiff.so is vulnerable to denial of service.The vulnerability exists ingetcropfffsets function intiffcrop.c,which allows an attacker to send crafted file leading to out of bound reads and writes...
Adobe Acrobat Reader DC 缓冲区错误漏洞
Adobe Acrobat Reader DC is the United States of America Audobee Adobe company of a Pdf reading tool. It is used to reliably view, print and annotate Pdf documents. A buffer error vulnerability exists in Adobe Acrobat Reader DC, which arises from performing operations in memory without properly...
PYSEC-2022-124
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We...
Google TensorFlow 缓冲区错误漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google Google. Google Tensorflow is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to build a TFLite model that allows limited reads and writes to the outside of arrays in TFLit...
Schneider Electric Interactive Graphical SCADA System Buffer Overflow Vulnerability (CNVD-2021-31177)
Schneider Electric Interactive Graphical SCADA System IGSS is a SCADA Data Acquisition and Supervisory System system for monitoring and controlling industrial processes from Schneider Electric, France. A buffer overflow vulnerability exists in Interactive Graphical SCADA System IGSS Definition...
Qualcomm HLOS Input Validation Error Vulnerability
Qualcomm HLOS is a Qualcomm Advanced Operating Platform component used in Qualcomm products. An input validation error vulnerability exists in Qualcomm HLOS, where writes and reads are made out-of-bounds in the TA due to improper checking of the length of the command and response buffers...