5807 matches found
CVE-2026-35203 ZLMediaKit VP9 RTP Parser Out-of-Bounds Read
ZLMediaKit is a streaming media service framework. the VP9 RTP payload parser in ext-codec/VP9Rtp.cpp reads multiple fields from the RTP payload based on flag bits in the first byte, without verifying that sufficient data exists in the buffer. A crafted VP9 RTP packet with a 1-byte payload 0xFF,...
CVE-2026-35201 Discount has an Out-of-bounds Read in rdiscount
Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...
MGASA-2026-0086 Updated freerdp packages fix security vulnerabilities
FreeRDP has a heap-buffer-overflow in audinprocessformats. CVE-2026-22852 FreeRDP has a heap-buffer-overflow in driveprocessirpread. CVE-2026-22854 FreeRDP has a heap-buffer-overflow in smartcardunpacksetattribcall. CVE-2026-22855 FreeRDP has a heap-use-after-free in createirpthread. CVE-2026-228...
CVE-2026-21381 Buffer Over-read in WLAN Firmware
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...
CVE-2026-21381
CVE-2026-21381 is described in connected records as a buffer over-read in WLAN firmware causing a transient denial-of-service when a service data frame with excessive length is processed during device matching over a neighborhood awareness network protocol. This CVE is associated with WLAN firmwa...
CVE-2026-21378 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21378
The CVE-2026-21378 entry describes a memory corruption vulnerability in a camera sensor driver triggered when IOCTLs access an output buffer without validating its size. Affected component is the camera sensor driver’s IOCTL handling (output buffer). Root cause: insufficient validation of the des...
CVE-2026-21376 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21376
CVE-2026-21376 : Memory corruption occurs when an output buffer is accessed during IOCTL processing in a camera sensor driver without validating its size. Root cause is missing validation of the output buffer size. Documented impact includes high confidentiality, integrity, and availability conce...
CVE-2026-21375
CVE-2026-21375 describes memory corruption when an output buffer is accessed without validating its size during IOCTL processing. The issue is reported in Qualcomm context, with CVSS 3.1 base score 7.8 (HIGH) and local, low exploit complexity, no user interaction required. Descriptions across NVD...
CVE-2026-21375 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
CVE-2026-21375 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
CVE-2026-21374 Buffer Over-read in Camera
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
CVE-2026-21373 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
CVE-2026-21373 Buffer Over-read in Camera
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
CVE-2026-21371 Buffer Over-read in WinBlast Driver
Memory Corruption when retrieving output buffer with insufficient size validation...
CVE-2026-21371
CVE-2026-21371 is described as memory corruption due to insufficient size validation when retrieving an output buffer. The CVELIST entry identifies the affected component as the WinBlast Driver and labels the issue as a buffer over-read. The NVD entry repeats the same description. The provided me...
CVE-2026-21371 Buffer Over-read in WinBlast Driver
Memory Corruption when retrieving output buffer with insufficient size validation...
CVE-2026-21367 Buffer Over-read in WLAN Firmware
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans...
CVE-2026-21367 Buffer Over-read in WLAN Firmware
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans...