Advisory ROSA-SA-2026-3312

Software: ffmpeg 4.4.6 OS: ROSA-CHROME Unaffected versions: = ffmpeg-4.4.6-4 Affected versions: ffmpeg-4.4.6-4 CVE-ID: CVE-2026-40962 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: The vulnerability related to integer overflow in FFmpeg allows an attacker to execute write operations beyond the...

CVE-2026-41503

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...

ROS-20260119-7339

A vulnerability in the phyn.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service...

CVE-2025-48622

In ProcessArea of dngmiscopcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987395)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987395 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifswbufwritenolock Function ubifswbufwritenolock may access b...

CLSA-2024-1730141462 php: Fix of CVE-2024-8925

CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer...

PT-2024-7332 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.0 Description: The issue is related to the ext4 file system in the Linux kernel, specifically with the function ext4 ioctl getlabel in the fs/ext4/ioctl.c module. It involves improper memory access beyond t...

CVE-2023-0200

NVIDIA DGX-2 contains a vulnerability in OFBD where a user with high privileges and a pre-conditioned heap can cause an access beyond a buffers end, which may lead to code execution, escalation of privileges, denial of service, and information disclosure...

Sonos One Speaker 缓冲区错误漏洞

Sonos One Speaker is a smart speaker from Sonos USA. Sonos One Speaker version 70.3-35220 suffers from a buffer error vulnerability that stems from a lack of proper validation of user-supplied data, which could result in a read beyond the end of the allocated buffer, which could be exploited by a...

SUSE CVE-2019-3832

It was discovered the fix for CVE-2018-19758 libsndfile was not complete and still allows a read beyond the limits of a buffer in wavwriteheader function in wav.c. A local attacker may use this flaw to make the application crash...

SUSE CVE-2019-14513

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491...

CVE-2023-20523

TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially leading to a loss of integrity or denial of service...

OESA-2022-1757 Open-iSCSI security update

The Open-iSCSI project is a high-performance, transport independent, multi-platform implementation of RFC3720 iSCSI. Security Fixes: An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore th...

Adobe InCopy 缓冲区错误漏洞

Adobe InCopy is a text editing software for creative writing from Adobe, USA. Adobe InCopy suffers from a buffer overflow vulnerability that stems from a lack of proper validation of user-supplied data, which can be exploited by an attacker to cause a read to exceed the end of an allocated buffer...

ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c

An off-by-one read vulnerability was discovered in ImageMagick in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program...

ALPINE-CVE-2019-3832

It was discovered the fix for CVE-2018-19758 libsndfile was not complete and still allows a read beyond the limits of a buffer in wavwriteheader function in wav.c. A local attacker may use this flaw to make the application crash...

DEBIAN-CVE-2019-3832

It was discovered the fix for CVE-2018-19758 libsndfile was not complete and still allows a read beyond the limits of a buffer in wavwriteheader function in wav.c. A local attacker may use this flaw to make the application crash...

CVE-2019-3832

It was discovered the fix for CVE-2018-19758 libsndfile was not complete and still allows a read beyond the limits of a buffer in wavwriteheader function in wav.c. A local attacker may use this flaw to make the application crash...

CVE-2018-16885

A flaw was found in the Linux kernel that allows the userspace to call memcpyfromiovecend and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory...