Wireshark 缓冲区错误漏洞

Wireshark is a set of network packet analysis software developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have a buffer error vulnerability. This...

Acronis Cyber Protect Cloud Agent和Acronis DeviceLock DLP 缓冲区错误漏洞

Acronis Cyber Protect Cloud Agent and Acronis DeviceLock DLP are both products of the Swiss company Acronis. Acronis Cyber Protect Cloud Agent is a cloud-based agent. Acronis DeviceLock DLP is a terminal security protection system designed to control peripheral access and prevent data breaches...

FreeRTOS-Plus-TCP 缓冲区错误漏洞

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient validation of the prefix length field during IPv6 router...

Artifex Software MuPDF 缓冲区错误漏洞

Artifex Software MuPDF is a free and lightweight PDF reader developed by Artifex Software in the United States. Versions of Artifex Software MuPDF 1.28.0 and earlier contain a buffer error vulnerability. This vulnerability stems from the fzsubsetcffforgids function in the CFF Index Handler...

Apache Thrift 缓冲区错误漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a buffer error vulnerability, which was caused by out-of-bounds read operations...

Apache Thrift 缓冲区错误漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a buffer error vulnerability, which was caused by an out-of-bounds read issue...

Mozilla Firefox 缓冲区错误漏洞

Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Version 150.0.0 of Mozilla Firefox contains a buffer error vulnerability, which stems from a memory security flaw. This vulnerability may lead to memory corruption, and it could potentially be...

Mozilla Firefox ESR 缓冲区错误漏洞

Mozilla Firefox ESR is an extended support version of Firefox a web browser developed by the Mozilla Foundation in the United States. The Mozilla Firefox ESR 140.10.0 version and Firefox 150.0.0 version contain a buffer error vulnerability. This vulnerability stems from a memory security flaw,...

GPAC 缓冲区错误漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC such as 26.03-DEV-rev105-g8f39a1eb3-master and earlier have a buffer error vulnerability. This vulnerability stems from the function elngboxread in the MP4Box component’s file src/isomedia/boxcodebase.c, which process...

PJSIP 缓冲区错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier had a buffer error vulnerability, which stemmed from out-of-bounds read...

rust-openssl 缓冲区错误漏洞

rust-openssl is an open-source library in the rust ecosystem that allows for interaction with the OpenSSL library. In versions 0.9.0 to 0.10.78 of rust-openssl, there was a buffer error vulnerability. This vulnerability stemmed from the frompemcallback API not verifying the length returned by use...

uuid 缓冲区错误漏洞

uuid is a JavaScript module developed by UUID, which allows for the generation of RFC-compliant UUIDs in JavaScript. Versions of uuid prior to 14.0.0 contained a buffer error vulnerability. This vulnerability stems from functions v3, v5, and v6 accepting external output buffers without rejecting...

OP-TEE Trusted OS 缓冲区错误漏洞

OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. In versions 3.13.0 to 4.10.0 of OP-TEE Trusted OS, there is a buffer error vulnerability. This vulnerability stems from ...

SWUpdate 缓冲区错误漏洞

SWUpdate is an embedded Linux system update tool developed by Stefano Babic. SWUpdate has a buffer error vulnerability, which stems from an integer underflow in the multipart upload parser in the mongoosemultipart.c file. This vulnerability allows unauthenticated attackers to cause...

X.Org X Server 缓冲区错误漏洞

The X.Org X Server is an X Window system display server developed by the X.Org Foundation. The X.Org X Server has a buffer error vulnerability, which stems from an out-of-bounds memory access during the validation of XKB key type requests. This vulnerability could allow local attackers to send...

Libgcrypt 缓冲区错误漏洞

Libgcrypt is a general-purpose encryption library based on GnuPG code from the American GNU community. This library implements various encryption algorithms, including symmetric ciphers, hash algorithms, public key algorithms, etc. Versions of Libgcrypt prior to 1.12.2 contained a buffer error...

Angry IP Scanner 缓冲区错误漏洞

Angry IP Scanner is an open-source network tool developed by Angry IP Scanner that allows for quick scanning of IP addresses and port information. The Angry IP Scanner for Linux version 3.5.3 contains a buffer error vulnerability. This vulnerability stems from a denial-of-service vulnerability in...

PowerDNS DNSdist 缓冲区错误漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS that offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a buffer error vulnerability, which stems from malicious backends that can send specially crafted SVCB responses to resolver discovery...

NVIDIA CUDA-Q 缓冲区错误漏洞

NVIDIA CUDA-Q is a hybrid quantum-classical computing development platform provided by NVIDIA Corporation. NVIDIA CUDA-Q has a buffer error vulnerability, which stems from out-of-bounds read operations at the endpoint. This vulnerability could allow unauthorized attackers to cause denial of servi...

CVE-2026-31429

A flaw was found in the Linux kernel. When the Kernel Electric Fence KFENCE, a memory safety error detector, is enabled, a memory corruption vulnerability can occur. This happens because the skbkfreehead function incorrectly frees network buffer skb head data to the wrong memory cache. This...