CVE-2026-5071 can: Local Denial of Service via SocketCAN Send

The SocketCAN implementation validates the length of a user-provided buffer containing a socketcanframe object using only a NETASSERT statement in zcansendtoctx before dereferencing it in socketcantocanframe. In production builds where assertions are disabled, a userspace application that control...

CVE-2026-5071 can: Local Denial of Service via SocketCAN Send

The SocketCAN implementation validates the length of a user-provided buffer containing a socketcanframe object using only a NETASSERT statement in zcansendtoctx before dereferencing it in socketcantocanframe. In production builds where assertions are disabled, a userspace application that control...

CVE-2026-1678

dnsunpackname caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled default, a malicious DNS response can trigger an out-of-bounds wri...

EUVD-2026-9792

dnsunpackname caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled default, a malicious DNS response can trigger an out-of-bounds wri...

PT-2026-23408

Name of the Vulnerable Software and Affected Versions Zephyr RTOS affected versions not specified Description The dns unpack name function in Zephyr RTOS contains a flaw where it caches the buffer tailroom and reuses it when appending DNS labels. As the buffer expands, the cached size becomes...

PT-2024-29972 · Unknown · Oauth Library For Nim

Name of the Vulnerable Software and Affected Versions: OAuth library for nim versions prior to 0.11 Description: The issue concerns the OAuth library for nim, where the Authorization Code grant and Implicit grant rely on the state parameter to prevent cross-site request forgery CSRF attacks...

Unspecified Vulnerability in Google Android Qualcomm Component (CNVD-2017-27868)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA in the U.S. Qualcomm is one of the Qualcomm components used in Qualcomm devices. An unspecified vulnerability exists in the Google Android Qualcomm component, where disabling...