Security Bulletin: Fixes to common vulnerabilities found in IBM Db2 High Performance Unload

Summary Fixes to common vulnerabilities discovered in IBM Db2 High Performance Unload v12.1 are available to download from IBM. Vulnerability Details CVEID:CVE-2025-33126 DESCRIPTION: IBM Db2 High Performance Unload could allow an authenticated user to cause the program to crash due to the...

CVE-2025-66216

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been...

NVIDIA DGX Spark 缓冲区错误漏洞

The NVIDIA DGX Spark is a personal AI computer from NVIDIA. A buffer error vulnerability exists in NVIDIA DGX Spark GB10, which stems from an out-of-bounds write in the SROOT firmware that could lead to code execution, data tampering, denial of service, or elevation of privilege...

Ashlar-Vellum多款产品 缓冲区错误漏洞

Ashlar-Vellum Xenon and others are products of Ashlar-Vellum.Ashlar-Vellum Xenon is a CAD modeling software.Ashlar-Vellum Cobalt is a parametric-based computer-aided design and 3D modeling program.Ashlar-Vellum Argon is A 2D drafting and 3D modeling software. A buffer error vulnerability exists i...

D-Link DWR-M920和D-Link DIR-822K 缓冲区错误漏洞

The D-Link DWR-M920 and D-Link DIR-822K are both products of China-based AUO D-Link.The D-Link DWR-M920 is a router.The D-Link DIR-822K is a wireless router.The D-Link DWR-M920 and D-Link DIR-822K are both products of China-based AUO D-Link.The D-Link DWR-M920 and D-Link DIR-822K are wireless...

Microsoft Bluetooth Driver 缓冲区错误漏洞

Microsoft Bluetooth Driver is an application software Bluetooth driver from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Bluetooth Driver. An attacker could exploit this vulnerability to obtain sensitive information. The following products and editions are...

Microsoft Windows Common Log File System Driver 缓冲区错误漏洞

The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API provides a high-performance, common log file subsystem that can be used by dedicated client applications and shared by multiple clients to optimize logging and access. access. A buffer error...

ASUS Armoury Crate Memory Buffer Operation Improperly Limited Vulnerability

ASUS Armoury Crate is a utility software developed by ASUS to centrally control and manage ROG Gamerland and some ASUS gaming products. ASUS Armoury Crate suffers from an improperly restricted memory buffer manipulation vulnerability that can be exploited by an attacker to cause a local elevation...

Apple多款产品 缓冲区错误漏洞

Apple Safari and others are products of Apple Inc. Apple Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. A buffer error vulnerability...

Qt 缓冲区错误漏洞

Qt is a cross-platform application development framework from the Qt open source. A buffer error vulnerability exists in versions prior to Qt 6.8.2 that stems from improper handling of Bluetooth ATT commands, which could result in an out-of-bounds read or divide-by-zero error...

Eclipse ThreadX USBX 缓冲区错误漏洞

Eclipse ThreadX USBX is an open source USB host, device and mobile embedded stack for Eclipse ThreadX. A buffer error vulnerability exists in Eclipse ThreadX USBX versions prior to 6.4.3 that stems from a potential out-of-bounds read issue when parsing USB stream device descriptors...

F5 BIG-IP 缓冲区错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A buffer error vulnerability exists in F5 BIG-IP, which stems from an improperly configured OAuth access profile that could...

Eclipse ThreadX NetX Duo 缓冲区错误漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A buffer error vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from a lack of validation of the PSK length in a user message, which could lead to out-of-bounds...

Adobe Substance3D Viewer 缓冲区错误漏洞

Adobe Substance3D Viewer is a standalone desktop application for viewing and editing 3D files from Adobe. A buffer error vulnerability exists in Adobe Substance3D Viewer 0.25.2 and prior versions, which stems from the presence of an out-of-bounds write that could lead to the execution of arbitrar...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a set and rendering software for 3D scenes from Audobee Adobe USA. A buffer error vulnerability exists in Adobe Substance3D Stager 3.1.4 and prior versions, which stems from an out-of-bounds read when parsing a specially crafted file, and could lead to code execution i...

Microsoft Windows WLAN AutoConfig Service 缓冲区错误漏洞

Microsoft Windows WLAN AutoConfig Service is a wireless network card configuration service for Windows Vista+ operating systems from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows WLAN AutoConfig Service, which can be exploited by an attacker to obtain sensiti...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a set and rendering software for 3D scenes from Audobee Adobe USA. A buffer error vulnerability exists in Adobe Substance3D Stager 3.1.4 and prior versions, which stems from an out-of-bounds read when parsing a specially crafted file, and could lead to code execution i...

Siemens Solid Edge SE2025和Siemens Solid Edge SE2024 缓冲区错误漏洞

Siemens Solid Edge SE2025 and Siemens Solid Edge SE2024 are both development software from Siemens Germany. A buffer error vulnerability exists in Siemens Solid Edge SE2025 and Siemens Solid Edge SE2024, which arises from an out-of-bounds read when parsing a specially crafted PRT file, which coul...

Siemens Solid Edge SE2025和Siemens Solid Edge SE2024 缓冲区错误漏洞

Siemens Solid Edge SE2025 and Siemens Solid Edge SE2024 are both development software from Siemens Germany. A buffer error vulnerability exists in Siemens Solid Edge SE2025 and Siemens Solid Edge SE2024, which arises from an out-of-bounds read when parsing a specially crafted PRT file, which coul...

Fuji Electric V-SFT 缓冲区错误漏洞

Fuji Electric V-SFT is a screen configuration software from Fuji Electric Japan. A buffer error vulnerability exists in Fuji Electric V-SFT v6.2.7.0 and earlier versions, which stems from an out-of-bounds read in VS6ComFile!getovlpelementsize, which could lead to information disclosure, abnormal...