CVE-2025-2521 Lack of indexes’ validation against buffer borders leads to remote code execution.

The Honeywell Experion PKS and OneWireless WDM contains a Memory Buffer vulnerability in the component Control Data Access CDA. An attacker could potentially exploit this vulnerability, leading to an Overread Buffers, which could result in improper index validation against buffer borders leading ...

CVE-2025-38267 ring-buffer: Do not trigger WARN_ON() due to a commit_overrun

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARNON due to a commitoverrun When reading a memory mapped buffer the reader page is just swapped out with the last page written in the write buffer. If the reader page is the same as the commit buffer...

Microsoft Windows Routing and Remote Access Service 缓冲区错误漏洞

Microsoft Windows Routing and Remote Access Service is a network service from Microsoft Corporation USA that is used to implement features such as network routing, virtual private networks VPNs, and dial-up connections. A buffer error vulnerability exists in Microsoft Windows Routing and Remote...

Adobe Audition < 24.6.7 / 25.0 < 25.3 Application denial-of-service (APSB25-56) (macOS)

The version of Adobe Audition installed on the remote macOS host is prior to 24.6.7, 25.3. It is, therefore, affected by a vulnerability as referenced in the APSB25-56 advisory. - Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer...

Mbed TLS 缓冲区错误漏洞

Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A buffer error vulnerability exists in Mbed TLS versions prior to 3.6.4, which stems from a failure to check the input buffer size and can lead to out-of-bounds reads...

CVE-2025-52497

Mbed TLS before 3.6.4 has a PEM parsing one-byte heap-based buffer underflow, in mbedtlspemreadbuffer and two mbedtlspkparse functions, via untrusted PEM input...

PDF-XChange Editor 缓冲区错误漏洞

PDF-XChange Editor is a PDF-XChange company running on Microsoft Windows systems in the PDF file viewer software. An information disclosure vulnerability exists in PDF-XChange Editor, which is caused by a lack of proper validation of user-supplied data. An attacker could exploit this vulnerabilit...

SWFTools 缓冲区错误漏洞

SWFTools is a set of utilities for working with Adobe Flash files SWF files from the individual developer Matthias Kramm. A buffer error vulnerability exists in SWFTools version 0.9.2 and earlier, which stems from an out-of-bounds read in the file lib/wav.c function wavconvert2mono in the compone...

CVE-2022-50222 tty: vt: initialize unicode screen buffer

In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread 1, for buffer can be read immediately after resize operation. Initialize buffer using kzalloc. ---------- include include include include int...

TencentOS Server 2: zlib (TSSA-2023:0038)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0038 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

Dell ControlVault3和Dell ControlVault3 Plus 缓冲区错误漏洞

Dell ControlVault3 and Dell ControlVault3 Plus are both hardware-based security solutions from Dell USA. A buffer error vulnerability exists in Dell ControlVault3 versions prior to 5.15.10.14 and Dell ControlVault3 Plus versions prior to 6.2.26.36, which stems from an out-of-bounds read in the...

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. A buffer error vulnerability exists in the Microsoft Windows Storage Management Provider. An attacker exploiting this vulnerability could gain access to sensitive information. The following...

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. A buffer error vulnerability exists in the Microsoft Windows Storage Management Provider. An attacker exploiting this vulnerability could gain access to sensitive information. The following...

Amazon Linux 2023 : (ALAS2023NVIDIA-2025-112)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-112 advisory. NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute...

Santesoft Sante DICOM Viewer Pro 缓冲区错误漏洞

Santesoft Sante DICOM Viewer Pro is a powerful viewer, anonymizer, converter and PACS client from Santesoft Cyprus. Works with all models and manufacturers of DICOM files. A buffer error vulnerability exists in Santesoft Sante DICOM Viewer Pro, which stems from failure to properly validate user...

CVE-2025-1246

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operation...

Assimp 缓冲区错误漏洞

Assimp is an Assimp open source library. It is used to import and export various 3D model formats. A buffer error vulnerability exists in Assimp version 5.4.3, which stems from an out-of-bounds read problem in function MDLImporter::ParseSkinLump3DGSMDL7 in file...

CVE-2024-10498

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in...

CVE-2024-45167

An issue was discovered in UCI IDOL 2 aka uciIDOL or IDOL2 through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service DoS attacks and possibly remote code execution...

CVE-2024-11139

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow local attackers to exploit these issues to potentially execute arbitrary code when opening a malicious project file...