351 matches found
CVE-2026-53022
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...
Astra Linux – Vulnerability in gst-plugins-good1.0
DOS: Potential heap overwrite during MKV demuxing using HEADERSTRIP decompression. Integer overflow occurs in the matroskaparse element within the gstmatroskadecompressdata function, leading to a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, this overflow cannot ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fixed an issue where PCM OSS buffer allocation might overflow. We have received reports of situations where INTMAX overflow occurs during memory allocation using vmalloc, specifically in the function sndpcmplugalloc...
Astra Linux – Vulnerability in Linux 5.10
In the dplinksettingswrite function in the file drivers/gpu/drm/amd/display/amdgpudm/amdgpudmdebugfs.c in the Linux kernel, up to version 5.14.14, there is a vulnerability that allows for a heap-based buffer overflow by an attacker. This vulnerability arises because the attacker can write a strin...
CVE-2026-48990
In joserfc (Python), CVE-2026-48990 affects versions 1.3.4–1.6.5 where oversized RFC7797 b64=false JWS payloads bypass JWSRegistry.max_payload_length during deserialization, enabling potential resource exhaustion. The standard JWS compact/flattened paths enforce the payload limit via ExceededSize...
CVE-2026-8484
The CVE-2026-8484 entry describes a heap buffer overflow in the Jansi JNI"ioctl()" wrapper caused by missing size verification of the argument array before the system call. Affected software is Jansi (JNI wrapper) and, per sources, all versions are believed vulnerable. Consequences stated are hea...
ROS-20260609-73-0015
The vulnerability in Thunderbird relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures...
Amazon Linux 2023 : nerdctl (ALAS2023-2026-1788)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1788 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an...
CVE-2026-10725 Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb
Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per index...
ibmasm: fix OOB reads in command_file_write due to missing size checks
...
SUSE CVE-2026-45994
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...
Canonical Ubuntu Linux 安全漏洞
Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux 6.8, 6.17, and 7.0 versions contain security vulnerabilities. These vulnerabilities stem from incorrect validation of internal structure sizes, which may lead to out-of-bound...
CVE-2026-45994
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...
CVE-2026-45994
The CVE-2026-45994 issue affects the Linux kernel ibmasm: command_file_write, where a kernel buffer is allocated with count bytes and user data copied without validating against the dot command header, enabling out-of-bounds reads via get_dot_command_size/timeout and memcpy_toio. Patches introduc...
CVE-2026-45994
In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix OOB reads in commandfilewrite due to missing size checks The commandfilewrite handler allocates a kernel buffer of exactly count bytes and copies user data into it, but does not validate the buffer against the dot...
CVE-2026-45994
ibmasm: fix OOB reads in commandfilewrite due to missing size checks...
PT-2026-43861
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the command file write handler where it allocates a kernel buffer based on a user-provided count but fails to validate this buffer against the dot command protocol before...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of size checking in the commandfilewrite function of ibmasm, potentially leading to...
kavita 安全漏洞
Kavita is a fast and feature-rich cross-platform reading server developed by Kavita OpenSource. Versions of Kavita prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of library-level authorization for download, size checking, and chapter metadata...
CLSA-2026-1779493861 postgresql: Fix of 6 CVEs
CVE-2026-6473: use pallocarray in hstoreplperl/hstoreplpython to avoid integer overflow on 32-bit systems - CVE-2026-6474: guard pgstrftime callers against unsafe conditions and ensure null-terminated output to prevent format-string leak via crafted timezone names - CVE-2026-6475: prevent path...