ROS-20260605-73-0083

The vulnerability in Firefox is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVE-2026-6022

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

CVE-2026-24112

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addWewifiWhiteUser function and processed by sscanf without size validation, it could lead to a buffer overflow vulnerability...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003395)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003395 advisory. A flaw was found in the hugetlbmcopyatomicpte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service BUG...

CVE-2021-0881

In PVRSRVBridgeRGXKickCDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-0885

In PVRSRVBridgeSyncPrimOpTake of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

CVE-2025-52960

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...

CVE-2025-21476 Buffer Copy Without Checking Size of Input in Computer Vision

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake...

Chall-Manager 安全漏洞

Chall-Manager is an open source project from CTFer.io open source. A security vulnerability exists in Chall-Manager versions prior to 0.1.4, which stems from a failure to check the size of the contents when decompressing a zip file, which could lead to a zip bomb decompression...

The vulnerability of the AdvSetMacMtuWan function in the microprogramming software for Tenda AC10 routers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the AdvSetMacMtuWan function in the Tenda AC10 router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of function SUB_0046AC38 in Tenda AC8V4 microprogrammed router software allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of SUB0046AC38 in Tenda AC8V4 microprogrammed router software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the files base/write_t1.c and psi/zfapi.c, which are components of the DollarBlend software suite for processing, transforming, and generating Ghostscript documents, allows a perpetrator to execute arbitrary code.

The vulnerability in the files base/writet1.c and psi/zfapi.c of the DollarBlend software component, which is part of the software suite for processing, transforming, and generating Ghostscript documents, involves copying buffers without checking the size of the input data. Exploiting this...

The vulnerability of the sub_422eb8 function in Linksys E8450 Wi-Fi routers allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sub422eb8 function in Linksys E8450 Wi-Fi routers’ microprogramming software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibili...

PT-2024-27262 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.1.2930 build 20241025 QNAP QuTS hero versions prior to h5.2.1.2929 build 20241025 Description: A buffer copy without checking the size of input issue has been reported, potentially allowing remote attackers with...

The vulnerability in the wireless.cgi script of Netgear XR300 router software allows a hacker to induce a service failure.

The vulnerability in the wireless.cgi script of Netgear XR300 router software lies in the copying of buffers without checking the size of the input data during the processing of the passphrase parameter. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a...

The vulnerability of the cgi_create_album() function (/cgi-bin/photocenter_mgr.cgi) in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 allows a hacker to execute arbitrary commands.

The vulnerability of the cgicreatealbum function /cgi-bin/photocentermgr.cgi in the microprogramming software of D-Link devices such as DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4...

DEBIAN-CVE-2024-25739

createemptylvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi-lebsize...

PT-2024-1631 · Qnap · Quts Hero +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.3.2578 build 20231110 QuTS hero versions prior to h5.1.3.2578 build 20231110 QuTScloud versions prior to c5.1.5.2651 Description: The issue is related to a buffer copy without checking the size of input data, which...

CVE-2023-45043

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

SUSE CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...