CLSA-2026-1777476716 vim: Fix of 8 CVEs

CVE-2021-4019: replace the unbounded STRCPY pair in findhelptags with vimsnprintf bounded by IOSIZE to prevent heap buffer overflow with long :help arguments starting with "%z@". - CVE-2021-4192: re-fetch regline/reginput via reggetline after getvvcol in regmatchvisual so the cached line pointer...

ROS-20260401-73-0037

Vulnerability in vlc related to reading outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

Advisory ROSA-SA-2026-3210

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-3 affected versions libssh-0.9.8-3 CVE-ID: CVE-2025-5318 BDU-ID: 2025-09008 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside of buffer boundaries in...

CVE-2026-28418 Vim has Heap-based Buffer Overflow in Emacs tags parsing

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

EUVD-2023-33693

Malicious code in bioql PyPI...

The vulnerability of the Siemens User Management Component (UMC) in products such as SIMATIC PCS neo, SINEC NMS, and Totally Integrated Automation Portal (TIA Portal) allows a attacker to trigger a service failure.

The vulnerability of the Siemens User Management Component UMC, which is found in products such as SIMATIC PCS neo, SINEC NMS, and Totally Integrated Automation Portal TIA Portal, relates to reading data outside the buffer boundaries in memory. Exploiting this vulnerability could allow a maliciou...

The vulnerability of the h_subpelilters_outer function in the multimedia library Ffmpeg allows a intruder to gain unauthorized access to protected information.

The vulnerability of the hsubpeliltersouter function in the FFmpeg multimedia library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVE-2024-28319

gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

The vulnerability of the Goto_chidx() function in the login.cgi script of the Wavlink WN530H4, WN530HG4, and WN572HG3 router microprogramming systems allows a intruder to execute arbitrary code or cause a service failure.

The vulnerability of the Gotochidx function in the login.cgi script of the Wavlink WN530H4, WN530HG4, and WN572HG3 router microprogramming systems is related to the reading of data beyond the buffer boundaries in memory during the processing of the wlanUrl parameter. Exploiting this vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2024-28319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

The vulnerability of the bpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the bpf component in the Linux operating system’s kernel is related to read misses beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the kobject_uevent component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the kobjectuevent component in the Linux operating system’s kernel is related to read misses beyond the boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the jffs2 component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the jffs2 component in the Linux operating system’s kernel is related to errors in reading beyond the boundary in the dojffs2setxattr function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of DRM/AMD components in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of DRM/AMDKFD components in Linux kernel relates to read misses beyond the boundary. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), is related to reading beyond the buffer boundaries, allowing an attacker to disclose protected information.

The vulnerability of the software tools for accelerated video processing at the Intel Video Processing Library VPL level is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the SCSI component in the Linux operating system is related to errors in reading beyond the boundary in the respreporttgtpgs function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the SCSI component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s SCSI kernel component is related to errors in reading beyond the boundary in the resreadcap16 function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the X509_V_FLAG_CRL_CHECK component in the OpenSSL cryptographic library allows a attacker to trigger a service failure.

The vulnerability of the X509VFLAGCRLCHECK component in the OpenSSL cryptographic library is related to reading data beyond the memory boundaries. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

The vulnerability of the NFSD component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the NFSD component in the Linux operating system’s kernel involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the ieee_write_file function in the /output/outieee.c component of the Netwide Assembler (NASM) compiler allows a hacker to cause a service failure.

The vulnerability of the ieeewritefile function in the /output/outieee.c component of the Netwide Assembler NASM compiler is related to reading beyond the memory boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...