GHSA-MJ4X-VF5C-5XG8 compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal

Summary The compliance-trestle library's profile import mechanism resolves trestle:// URIs and relative file paths by joining them with trestleroot and calling .resolve, but performs no boundary check to ensure the resolved path stays within the trestle workspace. An attacker can craft a maliciou...

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain security vulnerabilities; these vulnerabilities stem from the lack of boundary checks in the BGP MPREACHNLRI IPv6 attribute...

BIT-PYTHON-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

EUVD-2026-24136

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

Linux Distros Unpatched Vulnerability : CVE-2022-50200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux: Add boundary check in putentry Just like nextentry, boundary check is necessary to prevent memory out-of-bound access. CVE-2022-50200 Note that Nessus...

SUSE CVE-2025-49601

In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...

GNU GRUB 缓冲区错误漏洞

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability, which stems from a missing JPEG parser buffer boundary check, that can be exploited by an attacker to run arbitrary code in the context of an affected application and take contro...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android has an information disclosure vulnerability, the vulnerability stems from the lack of boundary checking in the SensorService::isDataInjectionEnabled method in the SensorService.cpp file, which can be exploite...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a missing boundary check in RGXFWChangeOSidPriority of rgxfwutils.c, which can be exploited by an attacker to escalate privileges...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in MediaTek chips, which stems from a missing boundary check in the keyInstall module, which may result in out-of-bounds writes...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips, which stems from a missing boundary check issue in the da module, which could result in an out-of-bounds write...

MediaTek 芯片 安全漏洞

MediaTek chips are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in the MediaTek chips, which stems from a missing boundary check issue in the da module, which could result in an out-of-bounds write...

UNISOC Chipsets 缓冲区错误漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in the UNISOC Chipsets camera driver module, which stems from a lack of boundary checking, resulting in out-of-bounds writes...

UNISOC chipset 缓冲区错误漏洞

UNISOC chipset is an integrated circuit chipset from China's Unisoc Corporation. A security vulnerability exists in the UNISOC chipset. The vulnerability stems from a lack of boundary checking in the sensor driver, which may result in out-of-bounds writes, and may be exploited by an attacker to...

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. An out-of-bounds read vulnerability exists in Google Android, which stems from a missing boundary check in nciprocrfmanagementntf in ncihrcv.cc, and can be exploited by attackers to cause remote information disclosure...

CVE-2021-25493

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read...

CVE-2021-25492

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read...

Mediatek 芯片 缓冲区错误漏洞

The Mediatek chip is a smartphone chipset from China's MediaTek Mediatek. The Mediatek chip suffers from a security vulnerability that originates in the memory management driver, which could lead to a system crash due to a missing boundary check. This could lead to a local denial-of-service attac...

UBUNTU-CVE-2021-37231

A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through AParreadX in src/util.cpp while parsing a crafted mp4 file because of the missing boundary check...