CVE-2026-3298

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

BIT-PYTHON-MIN-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

PSF-2026-20

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

CVE-2025-59729

CVE-2025-59729 affects FFmpeg’s DHAV handling. The provided technical description shows an integer underflow in the offset calculation when parsing a DHAV header, causing a 32-bit offset read to reference data outside the allocated buffer. In large DHAV files (e.g., > 0x100000 bytes), the end_...

Mageia: Security Advisory (MGASA-2014-0247)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer...

CVE-2021-36531

ngiflib 0.4 has a heap overflow in GetByte at ngiflib.c:70 in NGIFLIBNOFILE mode, GetByte reads memory buffer without checking the boundary...

CVE-2020-8618

An assertion check flaw caused by a buffer boundary check condition was found in BIND. A remote attacker could trigger this flaw via a large response, during zone transfer. The highest threat from this vulnerability is to system availability...

CVE-2020-8619 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer

In ISC BIND9 versions BIND 9.11.14 - 9.11.19, BIND 9.14.9 - 9.14.12, BIND 9.16.0 - 9.16.3, BIND Supported Preview Edition 9.11.14-S1 - 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an...

CVE-2020-8618 A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients...

Security Bulletin: OpenSSLにある複数の脆弱性のWebSphere Message BrokerとIBM Integration Busへの影響について

Summary OpenSSLの脆弱性について、OpenSSL Projectより2016年 9月22日、9月26日、11月10日にそれぞれ公表されております。WebSphere Message BrokerならびにIBM Integration Busにて使用されているDataDirect ODBC ドライバーに対して該当するCVEがあり、対処しております。 Vulnerability Details 最新の情報は下記の文書（英語）をご参照ください。 Security Bulletin: Multiple vulnerabilities in OpenSSL affect...

Mandriva Linux Security Advisory : libtasn1 (MDVSA-2015:116)

Updated libtasn1 packages fix security vulnerabilities : Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash CVE-2014-3467. It was...

jasper -- multiple vulnerabilities

oCERT reports: The library is affected by a double-free vulnerability in function jasiccattrvaldestroy as well as a heap-based buffer overflow in function jp2decode. A specially crafted jp2 file can be used to trigger the vulnerabilities. oCERT reports: The library is affected by an off-by-one...

Amazon Linux AMI : libtasn1 (ALAS-2014-359)

It was discovered that the asn1getbitder function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly,...

Medium: libtasn1

Issue Overview: It was discovered that the asn1getbitder function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash o...

Mandriva Linux Security Advisory : libtasn1 (MDVSA-2014:107)

Updated libtasn1 packages fix security vulnerabilities : Multiple buffer boundary check issues were discovered in libtasn1 library, causing it to read beyond the boundary of an allocated buffer. An untrusted ASN.1 input could cause an application using the library to crash CVE-2014-3467. It was...

CentOS Update for libtasn1 CESA-2014:0596 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 6 : libtasn1 (CESA-2014:0596)

Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

libtasn1 security update

CentOS Errata and Security Advisory CESA-2014:0596 Updated libtasn1 packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

gnutls security update

CentOS Errata and Security Advisory CESA-2014:0594 Updated gnutls packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS bas...