EUVD-2026-34238

Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635...

CVE-2026-8916

Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635...

CVE-2026-47318

CVE-2026-47318 : A stack-based buffer overflow vulnerability is present in Samsung Open Source rlottie. The issue affects rlottie before ce72b35a7ad0dded03051d3aa0ef75321c3bd035. CVSS 3.1 base metrics indicate a MEDIUM overall base score of 6.1, with LOCAL attack vector, LOW attack complexity, no...

CVE-2026-47318

Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035...

EUVD-2026-34237

Stack-based buffer overflow vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before ce72b35a7ad0dded03051d3aa0ef75321c3bd035...

libsndfile: integer overflow in ima_reader_init()

A flaw was found in the libsndfile library. An integer overflow in the IMA ADPCM codec can occur when a specially crafted WAV audio file is processed, specifically with malicious samplesperblock and blocks values. This can lead to a heap-based buffer overflow, causing a crash to the application...

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.

...

SUSE CVE-2026-46253

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistentramsaveold persistentramsaveold can be called multiple times for the same persistentramzone e.g., via ramoopspstoreread - ramoopsgetnextprz for PSTORETYPEDMESG records. Currently, the...

SUSE CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

[slackware-security] net-tools

New net-tools packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/net-tools-201811030eebece-i586-4slack15.0.txz: Rebuilt. This update fixes a security issue: interface.c: Stack-based Buffer Overfl...

[slackware-security] xorg-server

New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-20slack15.0.txz: Rebuilt. This update fixes security issues: Font Alias Stack-based Buffer Overflow. XSY...

PT-2026-46205

AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code...

Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a terminal software developed by the French company Mobatek. It integrates an enhanced terminal, X servers, and Unix command sets GNU/Cygwin. Version 12.1 of Mobatek MobaXterm contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured...

Nsasoft NetShareWatcher 安全漏洞

Nsasoft NetShareWatcher is a security auditing tool developed by the US company Nsasoft. Version 1.5.8.0 of Nsasoft NetShareWatcher contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured exception handler, which could allow local attackers to execute...

ALLPlayer 安全漏洞

ALLPlayer is a multimedia player developed by ALLPlayer Corporation. Version 7.4 of ALLPlayer contains a security vulnerability, which stems from a local buffer overflow in URL processing. This vulnerability could allow attackers to overwrite structured exception handling by providing overly long...

LabF nfsAxe 安全漏洞

LabF nfsAxe is a Windows platform NFS client and NFS server suite developed by LabF Corporation. LabF nfsAxe has a security vulnerability, which stems from a buffer overflow. This vulnerability could allow local attackers to execute arbitrary code by providing malicious payloads in the Host IP...

PT-2026-46179

Name of the Vulnerable Software and Affected Versions rlottie versions prior to dcfde72eae1b0464dc0dd760aec00ada6a148635 Description An out-of-bounds write issue in Samsung Open Source rlottie allows for buffer overflows. An out-of-bounds write occurs when a program writes data past the end or...

PT-2026-46386

Name of the Vulnerable Software and Affected Versions Network sockets subsystem affected versions not specified Description An out-of-bounds write and read issue exists in the TLS socket connect path within the network sockets subsystem, specifically in the subsys/net/lib/sockets/sockets tls.c...

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability due to out-of-bound writing, which could lead to buffer...

PT-2026-46211

Mobatek MobaXterm 12.1 contains a structured exception handling SEH based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the...