EUVD-2026-36151

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

Incorrect Calculation of Buffer Size

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in its ability to copy buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the copying of buffers without checking the size of the input data when processing GIF files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWirelessTbl file in the microprogramming software for routers A702R, A3002R, and A3002RU allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HTTP POST Request Handler component of the /boafrm/formWirelessTbl file in the microprogramming software for routers A702R, A3002R, and A3002RU is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an...

CVE-2021-22392

There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses...

The vulnerability of SIMATIC PCS, SIMATIC WinCC Runtime Professional, and SIMATIC WinCC control systems lies in the copying of buffers without checking the size of the input data. This allows a malicious actor to trigger malfunctions during maintenance operations.

The vulnerability of SIMATIC PCS, SIMATIC WinCC Runtime Professional, and SIMATIC WinCC control systems lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to cause malfunctions in the system’s operations...

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to execute arbitrary code, increase their privileges, or disclose sensitive information.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code, increase their privileges, or disclose sensitive information...

The vulnerability of the Kofax PowerPDF software, which is used for creating, converting, editing, and publishing PDF files, stems from the copying of buffers without checking the size of the input data. This allows an attacker to execute arbitrary code.

The vulnerability of the Kofax PowerPDF software for creating, converting, editing, and publishing PDF files lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially crafted PDF fi...

The vulnerability of the create_empty_lvol() function in the UBI driver (Unsorted block images) of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the createemptylvol function in the drivers/mtd/ubi/vtbl.c file of the UBI driver Unsorted block images in the Linux operating system is related to the lack of control over the size of the requested buffer. Exploiting this vulnerability could allow an attacker to cause a...

The vulnerability of the __vsyslog_internal function in the GNU C Library, related to incorrect calculation of buffer size, allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the vsysloginternal function in the GNU C Library is related to incorrect calculation of the buffer size. Exploiting this vulnerability may allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The software for PLC programming by Delta Electronics WPLSoft has a vulnerability related to copying buffers without checking the size of the input data. This allows an intruder to execute arbitrary code.

The vulnerability of Delta Electronics WPLSoft PLC programming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created DVP file...

CVE-2023-45040

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

The vulnerability of HP LaserJet Pro printer’s microprogramming software lies in the copying of buffers without checking the size of the input data, allowing a hacker to execute arbitrary code.

The vulnerability of HP LaserJet Pro printer microprogramming software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

The vulnerability of the export-v2.php and ajax.render.php components of the iTop IT service management web tool allows a perpetrator to execute arbitrary code.

The vulnerability of the export-v2.php and ajax.render.php components of the iTop IT service management web tool is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2023-32971

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

The vulnerability of the rotateimage() function in the libtiff library, which allows a hacker to cause a service failure

The vulnerability of the rotateimage function in the libtiff library is related to incorrect calculation of the buffer size. Exploiting this vulnerability may allow a remote attacker to cause a service failure...

The vulnerability of the mwifiexcmd_802_11_ad_hoc_start() function in the Marvell Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the mwifiexcmd80211adhocstart function in the Marvell Linux operating system kernel lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a long SSID value...

CVE-2022-28785

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic...

Google Android Qualcomm QBT1000 Driver Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and the Qualcomm QBT1000 driver is a Qualcomm-developed QBT1000 driver used in it. The Qualcomm QBT1000 driver for Android is vulnerable to a boost vulnerability that arises from...

The vulnerability of PlayReady DRM component in the Android operating system from the CAF repository, which allows a violator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of PlayReady DRM on the Android operating system, found in the CAF repository, is related to the lack of checks for buffer size. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected informati...