IBM CICS TX Standard 缓冲区错误漏洞

IBM CICS TX Standard is a comprehensive single transaction runtime package from International Business Machines IBM, Inc. It can provide a cloud-native deployment model for standalone applications. A buffer error vulnerability exists in IBM CICS TX Standard version 11.1, which stems from the...

F5 BIG-IP 缓冲区错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A buffer error vulnerability exists in F5 BIG-IP that stems from a connection mirroring configuration that causes the standby system TMM to...

MicroDicom DICOM Viewer 缓冲区错误漏洞

MicroDicom DICOM Viewer is a lightweight and easy-to-use application from MicroDicom, Inc. for processing and viewing medical images in DICOM format. A buffer error vulnerability exists in MicroDicom DICOM Viewer 2025.1 Build 3321 and prior versions, which originates from an out-of-bounds write a...

Luxion KeyShot 缓冲区错误漏洞

Luxion KeyShot is a software for designing photographs of 3D scenes from Luxion, USA. The software allows real-time 3D rendering workflows to display results immediately and reduce the time required to create photorealistic product photos. A buffer error vulnerability exists in Luxion KeyShot tha...

CVE-2025-40364

CVE-2025-40364 : In the Linux kernel, the io_uring path titled “io_req_prep_async with provided buffers” has been resolved. The issue allowed io_req_prep_async() to import provided buffers and then commit the ring state by giving up on that path, with the buffers potentially being reimported late...

CVE-2025-3286

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-21591

A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service DoS...

CVE-2025-3286 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

stb 缓冲区错误漏洞

stb is a single-file public domain library of stb for C/C++ by the individual developer Sean Barrett. A buffer error vulnerability exists in stb that stems from an out-of-bounds read due to the parameter hcount/vcount...

bigint-buffer Vulnerable to Buffer Overflow via toBigIntLE() Function

Versions of the package bigint-buffer from 0.0.0 to 1.1.5 are vulnerable to Buffer Overflow in the toBigIntLE function. Attackers can exploit this to crash the application...

CVE-2025-21997 xsk: fix an integer overflow in xp_create_and_assign_umem()

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the...

The vulnerability of the Routing Protocol Demon (rpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Routing Protocol Data rpd in Juniper Networks’ Junos OS and Junos OS Evolved operating systems lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending...

Autodesk Navisworks 缓冲区错误漏洞

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks that originates from parsing a specially crafted DWFX file resulting in memory corruption that could...

PyTorch 缓冲区错误漏洞

PyTorch is a Python package open-sourced by PyTorch. PyTorch suffers from a buffer error vulnerability that stems from the failure of the function torch.jit.script to properly validate the length size of input data, which can be exploited by an attacker to execute arbitrary code on the system or...

Nintendo Animal Crossing 缓冲区错误漏洞

Nintendo Animal Crossing is a social simulation game by Nintendo of Japan. Nintendo Animal Crossing suffers from a buffer error vulnerability that stems from a memory corruption in the Letter Trigram Handler component...

The vulnerability of the perf_event_cpu_offline() function in the drivers/dma/idxd/perfmon.c kernel module of the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the perfeventcpuoffline function in the drivers/dma/idxd/perfmon.c kernel module of the Linux operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. A security vulnerability exists in Autodesk AutoCAD that originates from parsing a malicious specially crafted MODEL file that could result in an out-of-bounds read, which could cause a crash, read sensitive data,...

Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2015-0292)

Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...

Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2016-10012)

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2016-2176)

The X509NAMEoneline function in crypto/x509/x509obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service buffer over-read via crafted EBCDIC ASN.1 data. This plugin only works with...