3642 matches found
CVE-2026-45935
The CVE-2026-45935 issue affects the Linux kernel NTFS3 driver, specifically the DeleteIndexEntryRoot path in do_action. The vulnerability arises from insufficient bounds checking on the entry size (esize) read from the log record, where e2 = Add2Ptr(e1, esize) can exceed the used buffer if esize...
CVE-2026-45878
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix watchid bounds checking in debug address watch v2 The address watch clear code receives watchid as an unsigned value u32, but some helper functions were using a signed int and checked bits by shifting with watchid...
CVE-2026-45878
The CVE-2026-45878 issue affects the Linux kernel’s AMD GPU driver (drm/amdkfd) where debug address watch (watch_id) handling could overflow memory due to mixing unsigned watch_id with signed checks. The root cause is insufficient bounds validation for watch_id, which could be large enough to acc...
CVE-2026-45843
In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper bounds checking of the watchid during debugging address monitoring in the amdkfd driver...
PT-2026-43745
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amdkfd component where the address watch clear code receives watch id as an unsigned value, but certain helper functions use a signed integer. When a very larg...
CVE-2025-46280
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination...
CVE-2025-46280
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination...
CVE-2025-46280
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination...
CVE-2025-46280
CVE-2025-46280 is an out-of-bounds read vulnerability addressed by improved bounds checking, fixed in macOS Tahoe 26 . The issue can allow an app to cause unexpected system termination. Affected software: macOS Tahoe 26. Root cause: insufficient bounds checking leading to an out-of-bounds read. I...
CVE-2025-46280
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination...
Integer Overflow
github.com/iskorotkov/avro is vulnerable to integer overflow. The vulnerability is due to improper handling of attacker-controlled 64-bit values, integer truncation, and overflow-prone arithmetic in multiple decoder paths, which allows an attacker to exploit untrusted Avro streams to trigger...
EUVD-2026-31077
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws The commit f316cdff8d67 annotated the hws member of the struct clkhwonecelldata with countedby. This informs the bounds sanitizer UBSANBOUNDS about the number of...
Astra Linux – Vulnerability in WebKit2GTK
A vulnerability related to out-of-bounds reads has been addressed through improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2, and iPadOS 15.2, as well as watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code executio...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: fbdev: Added bounds checking in bitputcs to prevent out-of-bounds writes using vmalloc. Added bounds checking to prevent writes beyond the framebuffer boundaries when rendering text near the screen edges. Return early if the Y...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevention of out-of-bounds read in mvnetaconfigrss The value of pp-indir0 comes from the user. It is passed to the function mvnetapercpuelect. Inside this function, there is a check to ensure that the value does not...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Added bounds checking to mienumattr. Bounds checking was added to ensure that no attribute stray beyond the valid memory region...
Astra Linux – Vulnerability in ffmpeg5, ffmpeg
FFmpeg n6.1.1 has an integer overflow vulnerability. The vulnerability exists in the parseoptions function in sbgdec.c within the libavformat module. When parsing certain options, the software does not properly validate the input. This allows negative duration values to be accepted without proper...
Astra Linux – Vulnerability in WebKit2GTK
A buffer overflow was addressed through improved bounds checking. This issue has been fixed in Safari 26.1, iOS 18.7.2, and iPadOS 18.7.2; iOS 26.1 and iPadOS 26.1; macOS Tahoe 26.1; tvOS 26.1; visionOS 26.1; and watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected...