CLSA-2026-1777476716 vim: Fix of 8 CVEs

CVE-2021-4019: replace the unbounded STRCPY pair in findhelptags with vimsnprintf bounded by IOSIZE to prevent heap buffer overflow with long :help arguments starting with "%z@". - CVE-2021-4192: re-fetch regline/reginput via reggetline after getvvcol in regmatchvisual so the cached line pointer...

ROS-20260401-73-0037

Vulnerability in vlc related to reading outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

Advisory ROSA-SA-2026-3210

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-3 affected versions libssh-0.9.8-3 CVE-ID: CVE-2025-5318 BDU-ID: 2025-09008 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside of buffer boundaries in...

CVE-2026-28418 Vim has Heap-based Buffer Overflow in Emacs tags parsing

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

EUVD-2023-33693

Malicious code in bioql PyPI...

CVE-2024-28319

gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

Linux Distros Unpatched Vulnerability : CVE-2024-28319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

PT-2024-3023 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a memory boundary read and can allow an attacker to disclose protected information. There is no information provided about the estimated number of potentially affect...

CVE-2024-28319

gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

CVE-2024-28319

GPAC 2.3-DEV-rev921-g422b78ecf-master contains an out-of-bounds vulnerability reported as read/write related to boundary checks in memory. Multiple connected sources describe exposure via gf_dash_setup_period (and, in PT-2024-22388, a related issue in the swf_get_string path). Exploitation could ...

CVE-2024-28319

gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

CVE-2024-28319

gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

CVE-2024-28319

gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out of boundary read vulnerability via gfdashsetupperiod mediatools/dashclient.c:6374...

kernel: Slab-out-of-bound read in compare_netdev_and_ip

A vulnerability was found in comparenetdevandip in drivers/infiniband/core/cma.c in RDMA in the Linux kernel. An improper cleanup results in an out-of-boundary read. This flaw allows a local user to crash or escalate privileges on the system...

SUSE-SU-2023:3596-1 Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-150100197131 fixes several issues. The following security issues were fixed: - CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c bsc1213244. - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nftbyteorder that could...

Ubuntu 23.04 : Linux kernel vulnerabilities (USN-6228-1)

The remote Ubuntu 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6228-1 advisory. It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An...

Ubuntu 23.04 : Linux kernel vulnerabilities (USN-6224-1)

The remote Ubuntu 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6224-1 advisory. It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-2315)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-boundsOOB memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfxkms.c in GPU component in the Linux kerne...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2141-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2141-1 advisory. - A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can car...

CVE-2023-25005

A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability...