The vulnerability of the formOneSidCfgSet function in the microprogramming software for Tenda AC500 allows a hacker to cause a service failure.

The vulnerability of the formOneSidCfgSet function in the Tenda AC500 router’s microprogramming software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the RPAC component in operating systems such as MacOS Sequoia, tvOS, visionOS, iOS, and iPadOS allows attackers to circumvent existing security restrictions.

The vulnerability of the RPAC component in macOS Sequoia, tvOS, visionOS, iOS, and iPadOS relates to reading beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions remotely...

The vulnerability of the JpgInput::jpeg_decode_iptc() function in the src/jpeg.imageio/jpeginput.cpp module of the OpenImageIO library allows a malicious actor to access protected information or cause service failures.

The vulnerability of the JpgInput::jpegdecodeiptc function in the src/jpeg.imageio/jpeginput.cpp module of the OpenImageIO library is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain access to protected information or cause...

ruby:3.1 security update

ruby 3.1.7-145 - Upgrade to Ruby 3.1.7. Resolves: RHEL-55408 - Fix DoS vulnerability in REXML. CVE-2024-39908 Resolves: RHEL-57051 - Fix DoS vulnerability in REXML. CVE-2024-43398 Resolves: RHEL-56002 3.1.5-144 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68520 3.1.5-143 - Upgra...

CVE-2025-43963

In LibRaw before 0.21.4, phaseonecorrect in decoders/loadmfbacks.cpp allows out-of-buffer access because splitcol and splitrow values are not checked in 0x041f tag processing...

The vulnerability of the formSetStaticRoute() function in the Tenda W20E wireless Wi-Fi router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetStaticRoute function in the Tenda W20E wireless Wi-Fi router software lies in the reading of data beyond the buffer in memory during the processing of parameters such as staticRouteNet, staticRouteMask, staticRouteGateway, and staticRouteWAN. Exploiting this...

The vulnerability of the skb_tunnel_info() function in the include/net/dstmetadata.h module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the skbtunnelinfo function in the include/net/dstmetadata.h module of the Linux kernel involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the tdhttpd service in the microprogramming software for Tenda AX1806 allows a hacker to cause a service failure.

The vulnerability of the tdhttpd service in the microprogramming-based router software of Tenda AX1806 relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

The vulnerability of the WPE WebKit and WebKitGTK web page rendering modules, related to reading beyond the buffer data limit, allows attackers to cause service failures.

The vulnerability of the WPE WebKit and WebKitGTK page rendering modules is related to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability in the definition of the structure rtl_vnd{} in the module drivers/bluetooth/hci_h5.c – the driver for supporting Bluetooth devices in the Linux operating system – allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability in determining the structure of the rtlvnd module in the drivers/bluetooth/hcih5.c file – the driver for supporting Bluetooth devices in Linux operating systems – involves reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain access ...

The vulnerability of the jfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the jfs component in the Linux operating system’s kernel involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

RHEL 9 : openssl (RHSA-2025:3666)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3666 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength...

The vulnerability of the NTFS file system in Windows operating systems allows attackers to increase their privileges.

The vulnerability of the NTFS file system in Windows operating systems relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

hdf5: multiple CVEs

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...

The vulnerability of the Windows Kernel-mode Driver driver allows attackers to increase their privileges.

The vulnerability of the Windows Kernel-Mode Driver driver in the operating system involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to reading data beyond the allowed buffer limits, allows attackers to cause service failures.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to reading data beyond the acceptable buffer limits. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the enic_main.c component in the Linux operating system allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the enicmain.c component in the Linux operating system is related to reading data from beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of the SGIRleDecode.c component in the Pillow library for rendering raster graphics allows a hacker to cause a service failure.

The vulnerability of the SGIRleDecode.c component in the Pillow library for rendering raster graphics is related to reading data beyond the permissible buffer limits. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

The vulnerability of the Adobe Framemaker desktop publishing system, related to reading data beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially created malicious file...

GraphicsMagick 安全漏洞

GraphicsMagick is GraphicsMagick open source set of simple image processing tools. It provides resizing, rotation, highlighting, and more. A security vulnerability exists in GraphicsMagick versions prior to 8e56520, which stems from a heap buffer over-read...