CLSA-2026-1775731413 libxml2: Fix of 8 CVEs

CVE-2023-45322: fix use-after-free in xmlStaticCopyNodeList when copying DTDs - CVE-2024-34459: fix buffer over-read in xmlHTMLPrintFileContext in xmllint - CVE-2025-6170: fix potential buffer overflows in xmllint interactive shell - CVE-2025-8732: fix stack overflow from self-referencing SGML...

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from an excessive read of the 1-byte stack buffer in the MatchDomainName...

The Sleuth Kit（TSK） 缓冲区错误漏洞

The Sleuth Kit TSK is a set of data forensics tools developed by Brian Carrier individually. This tool can analyze file systems such as FAT, NTFS, and UFS, and provide detailed information about those file systems. The Sleuth Kit TSK versions 4.14.0 and earlier contained a buffer error...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006771 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr...

ROS-20260408-73-0005

A vulnerability in the nfsfhtodentry function of the fs/nfs/export.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260407-73-0013

A vulnerability in the fs/hfs/bnode.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260407-73-0020

A vulnerability in the fs/smb/client/smb2ops.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260407-73-0012

A vulnerability in the fs/hfsplus/bnode.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to gain access to confidential data, violate its integrity, and cause denial of service...

CVE-2026-35201

Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...

CVE-2026-35203 ZLMediaKit VP9 RTP Parser Out-of-Bounds Read

ZLMediaKit is a streaming media service framework. the VP9 RTP payload parser in ext-codec/VP9Rtp.cpp reads multiple fields from the RTP payload based on flag bits in the first byte, without verifying that sufficient data exists in the buffer. A crafted VP9 RTP packet with a 1-byte payload 0xFF,...

CVE-2026-35203 ZLMediaKit VP9 RTP Parser Out-of-Bounds Read

ZLMediaKit is a streaming media service framework. the VP9 RTP payload parser in ext-codec/VP9Rtp.cpp reads multiple fields from the RTP payload based on flag bits in the first byte, without verifying that sufficient data exists in the buffer. A crafted VP9 RTP packet with a 1-byte payload 0xFF,...

CVE-2026-35201 Discount has an Out-of-bounds Read in rdiscount

Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...

MGASA-2026-0086 Updated freerdp packages fix security vulnerabilities

FreeRDP has a heap-buffer-overflow in audinprocessformats. CVE-2026-22852 FreeRDP has a heap-buffer-overflow in driveprocessirpread. CVE-2026-22854 FreeRDP has a heap-buffer-overflow in smartcardunpacksetattribcall. CVE-2026-22855 FreeRDP has a heap-use-after-free in createirpthread. CVE-2026-228...

CVE-2026-21381 Buffer Over-read in WLAN Firmware

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection...

CVE-2026-21381

CVE-2026-21381 is described in connected records as a buffer over-read in WLAN firmware causing a transient denial-of-service when a service data frame with excessive length is processed during device matching over a neighborhood awareness network protocol. This CVE is associated with WLAN firmwa...

CVE-2026-21378

The CVE-2026-21378 entry describes a memory corruption vulnerability in a camera sensor driver triggered when IOCTLs access an output buffer without validating its size. Affected component is the camera sensor driver’s IOCTL handling (output buffer). Root cause: insufficient validation of the des...

CVE-2026-21378 Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...

CVE-2026-21376

CVE-2026-21376 : Memory corruption occurs when an output buffer is accessed during IOCTL processing in a camera sensor driver without validating its size. Root cause is missing validation of the output buffer size. Documented impact includes high confidentiality, integrity, and availability conce...

CVE-2026-21376 Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...

CVE-2026-21375 Buffer Over-read in Camera

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...