26 matches found
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a potential overflow of message boundary checks in the drm/amdgpu/vcn4 code...
PT-2026-40454
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array (VLA) on the stack whose size is derived from an attacker-controlled HTTP head...
RHEL 9 : firefox (RHSA-2026:13582)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13582 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The payload size has been sanitized to prevent member overflow. In functions qla27xx_copy_fpin_pkt and qla27xx_copy_multiple_pkt, the frame_size reported by the firmware is used to calculate the copy length for the...
CLSA-2026-1776176227 glibc: Fix of 2 CVEs
CVE-2026-4437: fix incorrect record counting in getanswerptr that allowed iteration past the answer section boundary in DNS responses - CVE-2026-4438: fix hostname validation checking expectedname instead of namebuffer in getanswerptr, which could return invalid hostnames...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...
RHEL 9 : firefox (RHSA-2026:7671)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7671 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...
CVE-2026-5732
Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...
Mozilla Firefox ESR < 140.9.1
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-27 advisory. - Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0,...
Mozilla Thunderbird < 140.9.1
The version of Thunderbird installed on the remote Windows host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-29 advisory. - Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird...
RHEL 10 : firefox (RHSA-2026:5931)
The remote Red Hat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:5931 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
ROS-20260119-7346
A vulnerability in the drivers/ata/libata-sff.c component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to violate data integrity and also cause a denial of service...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an access in dm raid that exceeds a raid member array boundary...
CLSA-2024-1730134476 php: Fix of 2 CVEs
CVE-2024-8927: Fix bypass of cgi.force_redirect configuration - CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer...
SonicWALL SonicOS IPSec VPN security vulnerability
SonicWALL SonicOS IPSec VPN is a VPN solution from SonicWALL USA. SonicWALL SonicOS IPSec VPN suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. A remote attacker could exploit the vulnerability to cause a programmati...
Vyper Buffer Error Vulnerability
Vyper is the Pythonic smart contract language for EVM. A buffer error vulnerability exists in Vyper 0.3.10 and earlier versions, which stems from a possible overflow in the boundary check of the slice function, which can be exploited by an attacker to gain OOB access to storage, memory, or call...
TOTOLINK LR1200GB security vulnerability
The TOTOLINK LR1200GB is a wireless dual-band 4G LTE router from China's Gion Electronics TOTOLINK. The TOTOLINK LR1200GB version V9.1.0u.6619B20230130 suffers from a buffer overflow vulnerability that originates from a boundary error in the parameter password of the function loginAuth when...
Unspecified Vulnerability in Huawei HarmonyOS (CNVD-2022-13181)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS 2.0, which stems from a samba server boundary overflow vulnerability in the system file management module...