Huawei EMUI和Huawei HarmonyOS 缓冲区错误漏洞

Huawei EMUI and Huawei HarmonyOS are both products of the Chinese company Huawei. Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is an operating system that provides a full-scenario distributed operating system based on a microkernel. Both Huawei EMUI and...

AMD多款产品 缓冲区错误漏洞

AMD Radeon is a set of device driver and utility software packages developed by American semiconductor company AMD for Advanced Micro Devices’ graphics cards and GPUs. Several AMD products have a buffer error vulnerability, which stems from insufficient parameter cleaning. This vulnerability may...

coreMQTT Client Library 缓冲区错误漏洞

The coreMQTT Client Library is a lightweight client communication library developed under the FreeRTOS open source project. Versions of the coreMQTT Client Library prior to 5.0.1 contained a buffer error vulnerability. This vulnerability stems from the lack of boundary validation in the MQTT v5.0...

MongoDB Server 缓冲区错误漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a buffer error vulnerability in MongoDB Server, which stems from...

CVE-2026-44858 Authenticated Stack-Based Buffer Overflow in PAPI Services

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

Microsoft Excel 缓冲区错误漏洞

Microsoft Excel is a spreadsheet software within the Office suite developed by Microsoft Corporation. There is a buffer error vulnerability in Microsoft Excel. Attackers can exploit this vulnerability to obtain sensitive information. The following products and versions are affected: Office Online...

Barebox 缓冲区错误漏洞

Barebox is a versatile and flexible bootloader developed by Barebox Open Source. Versions of Barebox prior to 2026.04.0 contained a buffer error vulnerability. This vulnerability stemmed from the dhcpmessagetype function in DHCP option parsing, which did not verify whether the option pointers wer...

GDAL 缓冲区错误漏洞

GDAL is an open-source geospatial data abstraction library developed by GDAL. Versions of GDAL 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from a function in the file frmts/hdf4/hdf-eos/GDapi.c called GDfieldinfo, which may lead to out-of-bounds read...

Security Bulletin: IBM SPSS Statistics Java SE Vulnerability Updates

Summary Denial of service, unauthorized access and buffer size vulnerabilities have been addressed. Addresses Java CVEs: CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188, CVE-2025-2900 and CVE-2025-4447. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE ...

Open Cascade OCCT 缓冲区错误漏洞

Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A buffer error vulnerability exists in Open Cascade OCCT version V800rc5, which stems from multiple issues with the IGES and STEP file parsers, including an out-of-bounds read of...

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

Mozilla Firefox和Mozilla Firefox ESR 缓冲区错误漏洞

Mozilla Firefox and Mozilla Firefox ESR are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Versions of Mozilla Firefox prior to 150.0.1, as well as Mozilla Firefox ESR versio...

PT-2026-35061

Name of the Vulnerable Software and Affected Versions uuid versions prior to 14.0.0 Description The software used for creating RFC9562 formerly RFC4122 UUIDs contains an issue where v3, v5, and v6 accept external output buffers but fail to reject out-of-range writes, such as those involving a sma...

BACnet Stack 缓冲区错误漏洞

BACnet Stack is an open-source protocol stack for BACnet, designed for use in embedded systems, Linux, MacOS, BSD, and Windows. Versions prior to BACnet Stack 1.4.3 contained a buffer error vulnerability. This vulnerability stems from a out-of-bounds read vulnerability in the decoder of the...

Adobe InDesign Desktop 缓冲区错误漏洞

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Microsoft Windows Encrypting File System 缓冲区错误漏洞

Microsoft Windows Encrypting File System is a feature introduced by Microsoft’s Windows operating system in NTFS 3.0. It provides file system-level encryption. There is a buffer error vulnerability in Microsoft Windows Encrypting File System EFS. Attackers can exploit this vulnerability to gain...

Microsoft Windows GDI 缓冲区错误漏洞

Microsoft Windows GDI is a core underlying standard interface in the Windows operating system developed by Microsoft, responsible for drawing graphical objects on the screen or printer, managing fonts, and processing images. There is a buffer error vulnerability present in Microsoft Windows GDI...

Microsoft Windows GDI 缓冲区错误漏洞

Microsoft Windows GDI is a core underlying standard interface within the Windows operating system developed by Microsoft, responsible for drawing graphical objects on the screen or printer, managing fonts, and processing images. There is a buffer error vulnerability present in Microsoft Windows...

openFPGALoader 缓冲区错误漏洞

openFPGALoader is a general-purpose FPGA programming tool developed by Gwenhael Goavec-Merou. Versions of openFPGALoader prior to 1.1.1 contained a buffer error vulnerability. This vulnerability stems from a heap buffer overflow during the execution of the BitParser::parseHeader function, which m...

ZLMediaKit 缓冲区错误漏洞

ZLMediaKit is an open-source advanced streaming service framework based on C++ 11, developed by ZLMediaKit in China. ZLMediaKit has a buffer error vulnerability, which stems from the lack of buffer boundary validation in the VP9 RTP parser, potentially leading to a heap buffer overflow...