342 matches found
ROS-20260112-7317
Vulnerability of cmd.c, driver.h components of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2025-68753
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: add bounds check in putuser loop for DSP events In the DSP event handling code, a putuser loop copies event data. When the user buffer size is not aligned to 4 bytes, it could overwrite beyond the buffer...
The vulnerability of the uvcvideo component in the Linux operating system’s kernel allows a hacker to cause a service failure.
The vulnerability of the uvcvideo component in the Linux operating system is related to reading data from beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to cause a service failure...
The vulnerabilities in the modules include/net/ip_tunnels.h, net/ipv4/ip_tunnel.c, and net/ipv6/ip6_tunnel.c of the Linux operating system’s kernel, which allow a hacker to cause a service failure.
The vulnerability in the modules include/net/iptunnels.h, net/ipv4/iptunnel.c, and net/ipv6/ip6tunnel.c of the Linux operating system is related to the execution of operations outside of the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failur...
CVE-2025-57107
Kitware VTK (Visualization Toolkit) versions up to and including 9.5.0 contain a heap buffer overflow in vtkGLTFDocumentLoader. The root cause is the copy constructor of Accessor objects not properly validating buffer boundaries when processing specially crafted GLTF files, leading to out-of-boun...
EUVD-2011-4534
Malware in sbrugna...
CVE-2025-59729
CVE-2025-59729 affects FFmpeg’s DHAV handling. The provided technical description shows an integer underflow in the offset calculation when parsing a DHAV header, causing a 32-bit offset read to reference data outside the allocated buffer. In large DHAV files (e.g., > 0x100000 bytes), the end_...
CVE-2025-59728
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...
Advisory ROSA-SA-2025-2960
Software: ghostscript 9.27 OS: ROSA Virtualization 3.0 unaffected versions = ghostscript-9.27-17.0.3.rv30 affected versions ghostscript-9.27-17.0.3.rv30 CVE-ID: CVE-2020-16287 BDU-ID: 2021-01163 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the lprnisblack function contrib/lips4/gdevlprn.c of th...
The vulnerability of the usbhid_parse() function in the bNumDescriptors component of the Linux kernel allows a hacker to induce a service failure.
The vulnerability of the usbhidparse function in the bNumDescriptors component of the Linux kernel is related to the violation of the buffer’s initial boundary. Exploiting this vulnerability could allow an attacker to cause a service failure...
z2d 安全漏洞
z2d is an open source 2D graphics library written in the pure Zig language by the individual developer Chris Marchesi. A security vulnerability exists in z2d version 0.7.0, which stems from improper overwrite buffer boundary checking and could lead to out-of-bounds access or memory corruption...
The vulnerability in the driver module comedi/drivers/das16m1.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the driver module comedi/drivers/das16m1.c in the Linux operating system is related to a violation of the buffer’s initial boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability in the driver module comedi/drivers/das6402.c of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the driver module comedi/drivers/das6402.c in the Linux operating system is related to a violation of the buffer boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2025-38484
In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". But afterwards a string terminator is written to t...
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek’s chips, which allows a hacker to cause a service failure.
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek is related to the violation of the buffer’s initial boundary. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek’s chips, which allows a hacker to cause a service failure.
The vulnerability of the Bluetooth driver’s firmware microprogramming software of MediaTek is related to the violation of the buffer’s initial boundary. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the execution of operations outside of the buffer in memory. Exploiting these vulnerabilities can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protect...
The vulnerability of the smb_extract_folioq_to_rdma() function in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the smbextractfolioqtordma function in the Linux operating system is related to the violation of the buffer boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the DWG File Parser component of the CADImage plugin for IrfanView, a software for viewing and playing graphic, video, and audio files, allows a malicious actor to execute arbitrary code within the context of the current process.
The vulnerability of the DWG File Parser component in the CADImage plugin for IrfanView software, which is used for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an...
The vulnerability of the DWG File Parser component of the CADImage plugin for IrfanView, a software for viewing and playing graphic, video, and audio files, allows a malicious actor to execute arbitrary code within the context of the current process.
The vulnerability of the DWG File Parser component in the CADImage plugin for IrfanView software, which is used for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an...