Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-408084)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-408084 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is alway...

CVE-2023-53541 mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on the oob source buffer at the last iteration. Fix th...

EUVD-2025-15850

Malicious code in bioql PyPI...

EUVD-2023-40324

Malicious code in bioql PyPI...

Erlang/OTP (Erlang OTP) Buffer Read Overflow Vulnerability (Sep 2025) - Linux

Erlang/OTP Erlang OTP is prone to a buffer read overflow vulnerability in the erts component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

Erlang/OTP (Erlang OTP) Buffer Read Overflow Vulnerability (Sep 2025) - Windows

Erlang/OTP Erlang OTP is prone to a buffer read overflow vulnerability in the erts component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

SUSE CVE-2025-39691

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

DEBIAN-CVE-2025-39691

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

UBUNTU-CVE-2025-39691

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

CVE-2025-39691 fs/buffer: fix use-after-free when call bh_read() helper

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

CVE-2025-39691 fs/buffer: fix use-after-free when call bh_read() helper

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

CVE-2025-39691

CVE-2025-39691 (Linux kernel) is a use-after-free in fs/buffer when bh_read() is used during ntfs3 mount, where a stack variable map_bh passed to ntfs_get_block_vbo() may be freed before end_buffer_read_sync(), risking stack overrun on put_bh. The issue is triggered in the I/O path for buffer hea...

PT-2025-35886

Name of the Vulnerable Software and Affected Versions: lwis affected versions not specified Description: The lwis io buffer write function contains a potential out-of-bounds OOB read/write issue resulting from insufficient input validation. Successful exploitation of this issue could lead to loca...

Security update for coreutils

This update for coreutils fixes the following issues: CVE-2025-5278: Sort with key character offsets of SIZEMAX, could induce a read of 1 byte before an allocated heap buffer bsc1243767. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

TencentOS Server 4: gstreamer1-plugins-good (TSSA-2025:0705)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0705 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Astra Linux – Vulnerability in gst-plugins-good1.0

GStreamer is a library for constructing graphs of media-handling components. A OOB-read vulnerability has been identified in the gstwavparsesmplchunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...

CVE-2024-0131

NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service...

CVE-2023-36356

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted GET request...

CVE-2020-11233

Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...