
236 matches found

OSV
added 2025/09/11 5:15 p.m. | 2 views

CVE-2025-39751

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score: 6.1
Exploits: 0

CVE
added 2025/09/11 4:52 p.m. | 28 views

CVE-2025-39751

CVE-2025-39751 is rejected/withdrawn by the CNA and does not represent an active vulnerability.

AI score: 6.5
Exploits: 0

NVD
added 2025/08/09 3:15 p.m. | 6 views

CVE-2022-50233

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...

CVSS: 5.5 | EPSS: 0.00122
Exploits: 0 | References: 1

Cvelist
added 2025/08/09 2:30 p.m. | 10 views

CVE-2022-50233 Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...

EPSS: 0.00122
Exploits: 0 | References: 1

Debian CVE
added 2025/08/09 2:30 p.m. | 9 views

CVE-2022-50233

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name} Both dev_name and short_name are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...

CVSS: 5.5 | AI score: 5.1 | EPSS: 0.00122
Exploits: 0

CVE
added 2025/08/09 2:30 p.m. | 28 views

CVE-2022-50233

CVE-2022-50233 (bluetooth: device name can cause reading kernel memory by not supplying terminal \0) affects SUSE Linux Enterprise Server 15 SP4 kernels (live patch stream). The SUSE advisories indicate this issue was fixed in multiple kernel live patches (e.g., SUSE-SU-2026:0163-1, 0166-1, 0168-...

CVSS: 5.5 | AI score: 7.2 | EPSS: 0.00122
Exploits: 0 | References: 1 | Affected Software: 1

SUSE CVE
added 2025/07/10 11:22 p.m. | 2 views

SUSE CVE-2025-38329

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test wmfw info KASAN reported out of bounds access - cs_dsp_mock_wmfw_add_info, because the source string length was rounded up to the allocation size...

CVSS: 6.1 | AI score: 6.4 | EPSS: 0.00156
Exploits: 0 | References: 4

OSV
added 2025/07/10 9:15 a.m. | 1 view

UBUNTU-CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info, because the source string length was rounded up to the allocation size...

CVSS: 7.1 | AI score: 5.6 | EPSS: 0.00139
Exploits: 0 | References: 11

OSV
added 2025/06/18 10:15 a.m. | 3 views

AZL-63995 CVE-2025-38061 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write Honour the user given buffer size for the strnlen calls otherwise strnlen will access memory outside of the user given buffer...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00159
Exploits: 0 | References: 1

OSV
added 2025/06/18 10:15 a.m. | 1 view

DEBIAN-CVE-2025-38061

In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgen_thread_write Honour the user given buffer size for the strnlen calls otherwise strnlen will access memory outside of the user given buffer...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00159
Exploits: 0 | References: 1

CNNVD
added 2025/06/18 12:0 a.m. | 1 view

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unadapted input string length that could result in a buffer overflow...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.00182
Exploits: 0 | References: 6

RedhatCVE
added 2025/05/22 4:15 a.m. | 4 views

CVE-2019-10532

Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,...

CVSS: 10 | AI score: 9.4 | EPSS: 0.01084
Exploits: 0 | References: 1

SUSE CVE
added 2025/05/21 12:46 a.m. | 2 views

SUSE CVE-2025-37927

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIID_LEN against a total string length doesn't take into account t...

CVSS: 4.4 | AI score: 8 | EPSS: 0.00202
Exploits: 0 | References: 17

Citrix
added 2025/05/15 12:0 a.m. | 97 views

NetScaler shows an error stating "String length exceeds maximum [passplain, 31]"

When trying to update an existing certificate file with a new certificate file, upon clicking 'Ok', you see the following error appear: "String length exceeds maximum [passplain, 31]" The attempt to save the changes fails because of the error which appears...

AI score: 7.1
Exploits: 0

NVD
added 2025/04/27 8:15 p.m. | 14 views

CVE-2025-46687

quickjs-ng through 0.9.0 has a missing length check in JS_ReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected...

CVSS: 7.8 | EPSS: 0.00237
Exploits: 1 | References: 6

OSV
added 2025/04/11 2:8 p.m. | 3 views

GHSA-3633-G6MG-P6QQ SurrealDB memory exhaustion via string::replace using regex

An authenticated user can craft a query using the string::replace function that uses a Regex to perform a string replacement. As there is a failure to restrict the resulting string length, this enables an attacker to send a string::replace function to the SurrealDB server exhausting all the memor...

CVSS: 7.1 | AI score: 7.2
Exploits: 0 | References: 4

CNNVD
added 2025/04/01 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unrestricted string length read from a firmware file...

CVSS: 7.1 | AI score: 6.7 | EPSS: 0.00182
Exploits: 0 | References: 9

NVD
added 2025/03/28 3:15 a.m. | 10 views

CVE-2024-13939

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...

CVSS: 7.5 | EPSS: 0.00294
Exploits: 0 | References: 1

Cvelist
added 2025/03/28 2:5 a.m. | 11 views

CVE-2024-13939 String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...

EPSS: 0.00294
Exploits: 0 | References: 1

Debian CVE
added 2025/03/28 2:5 a.m. | 8 views

CVE-2024-13939

String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string. As stated in the documentation: "If the lengths of the strings are different, because equals returns false right away the size of the secret string m...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.00294
Exploits: 0