Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files()

...

RUSTSEC-2026-0080 Multiple soundness issues in `scaly` safe APIs

Affected versions contain multiple safe APIs that can trigger undefined behavior: - Array::index can perform an out-of-bounds read. - String::getlength can perform an out-of-bounds read. - String::appendcharacter can perform an invalid write. - String::tocstring can perform an out-of-bounds write...

CVE-2026-22853 FreeRDP has a heap-buffer-overflow in ndr_read_uint8Array

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array. This vulnerabilit...

EUVD-2026-2674

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array. This vulnerabilit...

EUVD-2021-27210

Malware in sbrugna...

EUVD-2021-21652

Malware in sbrugna...

EUVD-2012-2768

Malware in sbrugna...

EUVD-2018-5248

Malware in sbrugna...

EUVD-2018-10710

Malware in sbrugna...

EUVD-2018-2085

Malware in sbrugna...

EUVD-2024-53860

Malicious code in bioql PyPI...

CVE-2025-46585

Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-46585

CVE-2025-46585 describes an out-of-bounds read/write vulnerability in Huawei HarmonyOS kernel module. The root cause is failure to properly check array boundaries when processing certain data. Reported impact is availability disruption upon successful exploitation. Several connected sources (NVD/...

Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9

Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...

CVE-2024-57958

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

CVE-2024-57958

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally...

CVE-2024-26962

In the Linux kernel, the following vulnerability has been resolved: dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape For raid456, if reshape is still in progress, then IO across reshape position will wait for reshape to make progress. However, for dm-raid, in...

BIT-APR-2021-35940 Regression of CVE-2017-12613

An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...

Ubuntu 16.04 ESM : libjpeg9 vulnerabilities (USN-5336-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5336-1 advisory. Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue...

Amazon Linux 2023 : apr, apr-devel (ALAS2023-2023-016)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-016 advisory. An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x...