4223 matches found

BDU FSTEC
added 2025/04/09 12:0 a.m. | 7 views

The vulnerability of the library for developing web applications – Werkzeug, related to writing beyond the buffer boundaries, allows attackers to trigger a service failure.

The vulnerability of the Werkzeug library for developing web applications relates to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 7.8 | AI score 7.1 | EPSS 0.01072
Exploits 0 | References 10 | Affected Software 3

OSV
added 2025/04/07 8:15 p.m. | 3 views

DEBIAN-CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

CVSS 7.5 | AI score 5.9 | EPSS 0.00453
Exploits 0 | References 1

BDU FSTEC
added 2025/04/07 12:0 a.m. | 4 views

The vulnerability of the JPEG file loader for Grub2 operating systems, which allows a hacker to bypass the secure loading mechanism

The vulnerability of JPEG files loaded by Grub2 operating systems is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to bypass the secure loading mechanism...

CVSS 6.8 | AI score 6.8 | EPSS 0.00243
Exploits 0 | References 10 | Affected Software 20

BDU FSTEC
added 2025/04/07 12:0 a.m. | 5 views

The vulnerability of the fs/hfs.c file, a component of the hfs loader for operating system Grub2, allows an attacker to execute arbitrary code.

The vulnerability of the fs/hfs.c file, a component of the Grub2 operating system loader, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the context of the current user, using a specially created fil...

CVSS 6.8 | AI score 7.5 | EPSS 0.00196
Exploits 0 | References 14 | Affected Software 6

BDU FSTEC
added 2025/04/07 12:0 a.m. | 4 views

The vulnerability of the tarHandler component in the Grub2 operating system’s downloader allows a hacker to bypass the secure download mechanism.

The vulnerability of the tarHandler component in the Grub2 operating system’s loader involves writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to bypass the secure loading mechanism...

CVSS 6.8 | AI score 6.8 | EPSS 0.00262
Exploits 0 | References 11 | Affected Software 18

BDU FSTEC
added 2025/04/02 12:0 a.m. | 8 views

The vulnerability of the psi/zbfont.c file in the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to execute arbitrary code.

The vulnerability of the psi/zbfont.c file in the software for processing, converting, and generating Ghostscript documents is related to the copying of buffers without checking the size of the input data, as a result of incorrect conversion of glyphs to Unicode. Exploiting this vulnerability can...

CVSS 7.8 | AI score 7 | EPSS 0.00288
Exploits 0 | References 19 | Affected Software 9

BDU FSTEC
added 2025/03/28 12:0 a.m. | 5 views

The vulnerability of the Suricata intrusion detection and prevention system arises from the operation exceeding the buffer boundaries in memory due to incorrect processing of transformation keywords. This allows an attacker to execute arbitrary code.

The vulnerability of the Suricata intrusion detection and prevention system lies in the escape of the operation beyond the buffer in memory due to incorrect processing of transformation keywords. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10 | AI score 8 | EPSS 0.00227
Exploits 0 | References 25 | Affected Software 3

BDU FSTEC
added 2025/03/27 12:0 a.m. | 7 views

The vulnerability of the bson.Append() function in the Libson library’s MongoDB driver for MongoDB database management systems allows an attacker to execute arbitrary code or cause a service failure.

The vulnerability of the bson.Append function in the Libson library for MongoDB’s C driver of the MongoDB database management system is related to the issue of operations occurring outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code or...

CVSS 8.4 | AI score 8.1 | EPSS 0.00734
Exploits 0 | References 13 | Affected Software 7

BDU FSTEC
added 2025/03/27 12:0 a.m. | 5 views

The vulnerability of the formDelWewifiPic() function in the microprogramming software for Tenda W15E routers allows a hacker to induce a service failure.

The vulnerability of the formDelWewifiPic function in the Tenda W15E router software is related to the operation of writing data outside the buffer in memory when processing the picName parameter. Exploiting this vulnerability can allow an attacker to cause a service failure by sending a speciall...

CVSS 7.8 | AI score 7.4 | EPSS 0.00896
Exploits 1 | References 3 | Affected Software 1

BDU FSTEC
added 2025/03/26 12:0 a.m. | 5 views

The vulnerability of Adobe Illustrator’s graphic editor lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe Illustrator’s graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

CVSS 7.8 | AI score 6.4 | EPSS 0.0022
Exploits 0 | References 3 | Affected Software 2

CNNVD
added 2025/03/25 12:0 a.m. | 4 views

Open Asset Import Library (assimp) buffer error vulnerability

Open Asset Import Library assimp is a library in the Open Asset Import Library open source. A buffer error vulnerability exists in Open Asset Import Library assimp version 5.4.3, which stems from the presence of out-of-bounds writes...

CVSS 8.8 | AI score 6.5 | EPSS 0.00431
Exploits 1 | References 7

BDU FSTEC
added 2025/03/24 12:0 a.m. | 4 views

The vulnerability of the Linux operating system’s file system driver allows a hacker to execute arbitrary code.

The vulnerability of the Linux operating system’s file system driver is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by mounting a specially crafted version of the file system...

CVSS 7.8 | AI score 7.8
Exploits 1 | References 5 | Affected Software 3

Tenable Nessus
added 2025/03/20 12:0 a.m. | 20 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1299)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: initramfs: avoid filename buffer overrun (CVE-2024-53142); bpf, sockmap: Several fixes to bpf_msg_pop_data (CVE-2024-56720); scsi: sg: Fix slab-use-after-fre...

CVSS 7.8 | AI score 7.2 | EPSS 0.00535
Exploits 2 | References 62

Positive Technologies
added 2025/03/18 12:0 a.m. | 2 views

PT-2025-20345

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the use of the counted by function in the vsc-tp.c code, which is using the counted bylen attribute on vsc ...

CVSS 5.5 | AI score 6.7 | EPSS 0.00163
Exploits 0

BDU FSTEC
added 2025/03/18 12:0 a.m. | 6 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 7.8 | AI score 6.3 | EPSS 0.00153
Exploits 0 | References 2 | Affected Software 2

BDU FSTEC
added 2025/03/18 12:0 a.m. | 8 views

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment relates to the writing beyond buffer boundaries in memory. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes lies in the writing of data beyond buffer boundaries in memory. Exploiting this vulnerability coul...

CVSS 7.8 | AI score 6.1 | EPSS 0.00152
Exploits 0 | References 2 | Affected Software 2

BDU FSTEC
added 2025/03/13 12:0 a.m. | 6 views

The vulnerability of the PCX Image development platform’s SDP code allows attackers to execute arbitrary code.

The vulnerability of the PCX Image development platform’s SDP code base relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code...

CVSS 10 | AI score 6.4 | EPSS 0.00609
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2025/03/10 12:0 a.m. | 7 views

The vulnerability in the file src/include/OpenImageIO/detail/farmhash.h of the OpenImageIO image processing library allows a hacker to execute arbitrary code.

The vulnerability in the src/include/OpenImageIO/detail/farmhash.h file of the image processing library OpenImageIO is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

CVSS 10 | AI score 8.3 | EPSS 0.00665
Exploits 2 | References 5 | Affected Software 4

Tenable Nessus
added 2025/03/10 12:0 a.m. | 17 views

Amazon Linux 2 : kernel (ALAS-2025-2775)

The version of kernel installed on the remote host is prior to 4.14.355-274.598. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2775 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: wait and exit until all work queues are...

CVSS 7.8 | AI score 6.7 | EPSS 0.0028
Exploits 0 | References 19

Tenable Nessus
added 2025/03/06 12:0 a.m. | 12 views

Linux Distros Unpatched Vulnerability : CVE-2024-49995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun. Smatch reports that copying media_name and if_name t...

AI score 7.3
Exploits 0 | References 1