CVE-2026-54410
nanoMODBUS (through v1.23.0) contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server. An unauthenticated remote attacker can craft an MBAP header with Length=255 to force writing one attacker-controlled byte past the 260-byte receive buffer, corrupting the adjacent state stru...
Advisory ROSA-SA-2026-3312
Software: ffmpeg 4.4.6; OS: ROSA-CHROME; Unaffected versions: = ffmpeg-4.4.6-4; Affected versions: ffmpeg-4.4.6-4; CVE-ID: CVE-2026-40962; BDU-ID: None; CVE-Crit: Medium; CVE-DESCRIPTION: The vulnerability related to integer overflow in FFmpeg allows an attacker to execute write operations beyond the...
CVE-2026-41503
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...
ROS-20260119-7339
A vulnerability in the phyn.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...
CVE-2025-48622
In ProcessArea of dngmiscopcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987395)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987395 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() Function ubifs_wbuf_write_nolock() may access b...
The vulnerability of the FortiOS operating systems, related to operations beyond the buffer in memory, allows attackers to execute arbitrary code or commands.
The vulnerability of the FortiOS operating systems is related to operations that occur outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or commands by sending specially crafted HTTP requests...
The vulnerability of the Web Threat Defense (WTD.sys) driver for Windows operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the Web Threat Defense WTD.sys driver for Windows operating systems is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability in macOS operating systems arises from the operation of writing data beyond the buffer in memory, allowing an attacker to read arbitrary files.
The vulnerability of macOS operating systems lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability allows an attacker to read arbitrary files...
The vulnerability of the cross-platform software development framework Qt, related to writing beyond the buffer boundaries, allows attackers to trigger a service failure.
The vulnerability of the cross-platform software development framework Qt is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause service failures...
The vulnerability of the ext4_ioctl_getlabel() function in the file system of the Linux operating system’s kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ext4_ioctl_getlabel() function in the fs/ext4/ioctl.c file of the Linux operating system’s file system is related to accessing memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
CLSA-2024-1730141462 php: Fix of CVE-2024-8925
CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer...
PT-2024-7332 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.0 Description: The issue is related to the ext4 file system in the Linux kernel, specifically with the function ext4_ioctl_getlabel() in the fs/ext4/ioctl.c module. It involves improper memory access beyond t...
The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.
The vulnerability of the Windows operating system’s kernel is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the build_insn() function in the arch/loongarch/net/bpf_jit.c module of the Linux operating system’s BPF component allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the build_insn() function in the arch/loongarch/net/bpf_jit.c module of the Linux kernel’s BPF component involves reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of t...
The vulnerability of the formSetDeviceName function in the firmware for Tenda AC10U allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formSetDeviceName function in the Tenda AC10U router’s firmware relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protect...
The vulnerability of the Substance 3D Stager software, related to reading data beyond the buffer boundaries, allows attackers to disclose protected information.
The vulnerability of the Substance 3D Stager 3D design software is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Zabbix universal monitoring system, related to logging beyond buffer boundaries, allows an intruder to trigger a service failure.
The vulnerability of the Zabbix universal monitoring system is related to logging beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of the SecuExtender SSL VPN Client software for creating secure connections to corporate networks via SSL VPN, related to writing data beyond the buffer in memory, allows attackers to enhance their privileges.
The vulnerability of the software for creating secure connections to corporate networks via SSL VPN SecuExtender SSL VPN Client lies in the writing of data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to enhance their privileges...
The vulnerability of the Adobe Photoshop graphic editor, related to reading beyond the buffer in memory, allows a hacker to bypass the ASLR protection mechanism.
The vulnerability of the Adobe Photoshop graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism...