11951 matches found
OSV-2026-229 Segv on unknown address in aiAnimation::~aiAnimation
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=483188619 Crash type: Segv on unknown address Crash state: aiAnimation::aiAnimation aiScene::aiScene Assimp::BaseImporter::ReadFile...
PT-2026-7680
Redir 3.3 contains a stack overflow vulnerability in the doproxyconnect function that allows attackers to crash the application by sending oversized input. Attackers can exploit the sprintf buffer without proper length checking to overwrite memory and cause a segmentation fault, resulting in...
CVE-2026-25613
CVE-2026-25613 : MongoDB server vulnerability where an authorized user can disable the server by issuing a query against a collection that contains an invalid compound wildcard index. Root cause described in connected documents is related to incorrect data handling of compound wildcard indexes, e...
CVE-2026-25613 An unsafe cast in the MongoDB query planner can result in a segmentation fault.
An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index...
AMD EPYC 安全漏洞
The AMD EPYC is a high-performance server processor developed by American semiconductor company AMD. There are security vulnerabilities in the AMD EPYC™ 9005 Series Processors and the AMD EPYC™ Embedded 9005 Series Processors. These vulnerabilities stem from improper handling of the segmentation...
AirCatch: Effectively Tracing Advanced Tag-Based Trackers
Tag-based tracking ecosystems help users locate lost items, but can be leveraged for unwanted tracking and stalking. Existing protocol-driven defenses and prior academic solutions largely assume stable identifiers or predictable beaconing. However, identifier-based defenses fundamentally break do...
OESA-2026-1294 glib2 security update
GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: Integer Overflow vulnerability in the...
CVE-2025-68699
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...
CVE-2026-25585
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC profile processing. The malformed ICC profile...
OSV-2026-204 Segv on unknown address in icalarray_append
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481635423 Crash type: Segv on unknown address Crash state: icalarrayappend icalstrarrayappend parsevcard...
SUSE CVE-2025-71195
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap maxregister The maxregister field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap via debugfs can cause...
CVE-2026-25585
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC profile processing. The malformed ICC profile...
CVE-2026-25585 iccDEV vulnerable to OOB in CIccXform3DLut::Apply()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a vulnerability IccCmm.cpp:5793 when reading through index during ICC profile processing. The malformed ICC profile...
EUVD-2025-206782
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In version 0.24.6, NanoMQ has a protocol parsing / forwarding inconsistency when handling shared subscriptions $share/. A malformed SUBSCRIBE topic such as $share/ab missing the second / is not strictly validated during the...
CVE-2025-71195
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap maxregister The maxregister field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap via debugfs can cause...
CVE-2025-71195
The CVE-2025-71195 entries describe a Linux kernel issue in dmaengine: xilinx: xdma where the max_register field was set to the size of the register memory region instead of the last register offset. This causes regmap reads via debugfs to segfault (segmentation fault) when inspecting /sys/kernel...
EUVD-2025-206803
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap maxregister The maxregister field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap via debugfs can cause...
iccDEV 缓冲区错误漏洞
iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.3 contained a buffer error vulnerability. This vulnerability stemmed from improper array boundary validation during the processing of ICC configuration file...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect setting in the regmap maxregister field, potentially leading to segmentation violations...
CVE-2025-61944
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length...