3632 matches found
Ubuntu: Security Advisory (USN-7637-1)
The remote host is missing an update for the...
CVE-2025-34127
A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input, leading to remote code executio...
Ubuntu 24.04 LTS : libjxl vulnerabilities (USN-7637-1)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7637-1 advisory. It was discovered that libjxl did not perform proper bounds checking when parsing Exif tags. An attacker could possibly use this issue to cause libjxl to...
USN-7637-1: libjxl vulnerabilities
It was discovered that libjxl did not perform proper bounds checking when parsing Exif tags. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service. CVE-2023-0645 It was discovered that libjxl did not perform proper bounds checking when decoding...
kernel: net: atlantic: fix aq_vec index out of range error
A vulnerability was found in the Linux kernel's Aquantia Atlantic driver, where a lack of proper bounds checking during loop indexing can lead to an out-of-bounds access. This can lead to undefined system behavior and a denial of service...
kernel: net: atlantic: fix aq_vec index out of range error
A vulnerability was found in the Linux kernel's Aquantia Atlantic driver, where a lack of proper bounds checking during loop indexing can lead to an out-of-bounds access. This can lead to undefined system behavior and a denial of service...
SUSE CVE-2025-48386
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
UBUNTU-CVE-2025-48386
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
webkitgtk: out-of-bounds read was addressed with improved bounds checking
A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing maliciously crafted web content may lead to arbitrary code execution...
webkitgtk: improper bounds checking leading to arbitrary code execution
A vulnerability was found in webkitgtk. This issue occurs when processing web content, which may lead to arbitrary code execution...
webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking
A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service...
webkitgtk: webkit2gtk: Use-after-free was addressed with improved memory management
A flaw was found in WebKitGTK. Processing malicious web content can trigger a use-after-free issue due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service...
webkitgtk: webkit2gtk: Out-of-bounds read was addressed with improved bounds checking
A flaw was found in WebKitGTK. Processing malicious web content can trigger an out-of-bounds read due to improper bounds checking, causing an unexpected process crash, resulting in a denial of service...
Security Bulletin: IBM MQ is vulnerable to a buffer overflow issue (CVE-2024-25048)
Summary: An issue was identified with IBM MQ when a client sends a malformed xarecover request. This can result in a memory overwrite or buffer overflow within the queue manager. Vulnerability Details: CVEID: CVE-2024-25048 DESCRIPTION: IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, an American company. A type confusion vulnerability exists in Google Chrome V8. The vulnerability is caused due to the V8 engine improperly handling bounds checking and type conversion for certain data types when executing JavaScript code, resulting in...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of bounds checking, which could lead to out-of-bounds memory access...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of bounds checking and could lead to a buffer overflow...
GNU PSPP Heap Buffer Overflow Vulnerability
GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a heap buffer overflow vulnerability. The vulnerability stems from the failure of the inflate_read function called indirectly by spv_read_xml_member in zip-reader.c to properly...
Out-of-Bounds Read
libassimp.so is vulnerable to Out-of-bounds Read. The vulnerability is due to improper input validation due to insufficient bounds checking in the LWOImporter::CountVertsAndFacesLWO2 function, which may allow local attackers to read unintended memory content...
Out-of-Bounds-Read
libassimp.so is vulnerable to out-of-bounds read. The vulnerability is due to insufficient bounds checking in the SkipSpaces function, which allows memory to be read beyond the valid buffer limits during local access...