UBUNTU-CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

EUVD-2026-32887

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

CVE-2026-46128

The CVE covers a Linux kernel IPMI issue where event message buffer data size was only validated later in processing instead of immediately after the response. Some BMCs may return an empty message rather than signaling an error when fetching events. The available connected documents indicate thi...

drm/amd: Guard against bad data for ATIF ACPI method

...

AZL-52471 CVE-2024-50117 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

CVE-2024-50117 drm/amd: Guard against bad data for ATIF ACPI method

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ? showregs arch/x86/kernel/dumpstack.c:478 discriminator 1 ...

Kofax Power PDF 安全漏洞

Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a specific flaw in the parsing of PDF files that lacks proper validation of user-supplied data, allowing a remote attacker to read sensitive...

UBUNTU-CVE-2018-1000656

The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. Th...

Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2018-11852)

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. An arbitrary code execution vulnerability exists in the parsing of the U3D 3DView object in Foxit Reader version 9.0.1.1049. The vulnerability stems from the program's failure to properly validate the length of...

PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow

No description provided by source. !/usr/bin/python import socket import sys msfvenom -p windows/shellbindtcp lhost=192.168.1.130 lport=4444 -b '\x00\x0a\x0b\x27\x36\xce\xc1\x04\x14\x3a\x44\xe0\x42\xa9\x0d' -f ruby Payload size: 352 bytes shellcode =...

PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta)

No description provided by source. require 'msf/core' class Metasploit3 Msf::Auxiliary include Msf::Exploit::Remote::Udp def initializeinfo = superupdateinfoinfo, 'Name' = 'PumpKIN TFTP Server DoS', 'Description' = %q PumpKIN TFTP Server 2.7.2.0 eventually reaches a DoS condition when provided wi...

DEBIAN-CVE-2013-2094

The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perfeventopen system call...

MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...

MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...