4205 matches found

AstraLinux
added 2025/06/16 11:28 a.m., 4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialization when the number of links is greater than max_links. Reason: The Coverity report indicates an OVERRUN warning. There are only max_links elements within dc->links. The number of links can...

CVSS 5.5, AI score 5.9, EPSS 0.00015
Exploits: 0, References: 3

AstraLinux
added 2025/06/16 11:28 a.m., 2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo – Fix for compression buffer overflows. Unlike the decompression code, the compression code in LZO never checked for output overflows. Instead, it assumes that the caller always provides sufficient buffer space, withou...

CVSS 7.8, AI score 6.3, EPSS 0.00054
Exploits: 0, References: 3

Tenable Nessus
added 2025/06/16 12:0 a.m., 5 views

TencentOS Server 4: tpm2-tss (TSSA-2024:1007)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1007 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 6.4, AI score 7.5, EPSS 0.00033
Exploits: 1, References: 2

BDU FSTEC
added 2025/06/13 12:0 a.m., 1 views

A vulnerability in the built-in boa web server (/boafrm/formSetLg) of the TOTOLINK X15 router’s firmware allows an attacker to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in the built-in boa web server (/boafrm/formSetLg) of the TOTOLINK X15 router’s firmware is caused by copying buffers without checking the size of the input data while processing the submit-url parameter. Exploiting this vulnerability allows a maliciou...

CVSS 9, AI score 7.6, EPSS 0.00982
Exploits: 0, References: 6, Affected Software: 1

BDU FSTEC
added 2025/06/13 12:0 a.m., 2 views

A vulnerability in CNCSoft’s numerical control software that involves writing beyond buffer boundaries allows attackers to execute arbitrary code.

The vulnerability in CNCSoft’s numerical control software is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...

CVSS 6.8, AI score 7.8, EPSS 0.00056
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2025/06/13 12:0 a.m., 1 views

A vulnerability in CNCSoft’s numerical control software that involves writing beyond buffer boundaries allows attackers to execute arbitrary code.

The vulnerability in CNCSoft’s numerical control software is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted file...

CVSS 6.8, AI score 7.8, EPSS 0.00056
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2025/06/13 12:0 a.m., 1 views

A vulnerability in /goform/form2lansetup.cgi in the D-Link DIR-816 firmware allows an attacker to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability in /goform/form2lansetup.cgi in the D-Link DIR-816 firmware is related to data being written outside the bounds of a memory buffer while processing the IP parameter. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality,...

CVSS 10, AI score 8.2, EPSS 0.02446
Exploits: 1, References: 6, Affected Software: 1

BDU FSTEC
added 2025/06/11 12:0 a.m., 2 views

A vulnerability in the Common Log File System Driver of Microsoft Windows operating systems allows attackers to escalate privileges.

The vulnerability in the Common Log File System Driver of Microsoft Windows operating systems is related to operations outside the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to escalate privileges...

CVSS 7.8, AI score 8.2, EPSS 0.00693
Exploits: 0, References: 2

BDU FSTEC
added 2025/06/11 12:0 a.m., 5 views

A vulnerability in the Mozilla Firefox and Firefox ESR browsers allows an attacker to execute arbitrary code.

The vulnerability in the Mozilla Firefox and Firefox ESR browsers is related to writing beyond the bounds of a memory buffer. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10, AI score 6.1
Exploits: 0, References: 10, Affected Software: 3

BDU FSTEC
added 2025/06/11 12:0 a.m., 2 views

A vulnerability in the JavaScript “Promise” object in the Mozilla Firefox and Firefox ESR browsers allows an attacker to execute arbitrary code.

The vulnerability in the JavaScript “Promise” object in the Mozilla Firefox and Firefox ESR browsers is related to writing beyond the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

CVSS 10, AI score 6.2
Exploits: 0, References: 10, Affected Software: 3

BDU FSTEC
added 2025/06/09 12:0 a.m., 2 views

A vulnerability in the soup_headers_parse_request() function of the libsoup library, a graphical interface library for GNOME, allows an attacker to cause a denial of service.

The vulnerability in the soup_headers_parse_request() function of the GNOME graphical interface library libsoup is related to operations outside the bounds of a memory buffer. Exploiting this vulnerability could allow a malicious actor to cause a denial of service by sending a special...

CVSS 7.8, AI score 7.8, EPSS 0.00393
Exploits: 0, References: 13, Affected Software: 6

NVD
added 2025/06/02 12:15 p.m., 11 views

CVE-2025-48990

NeKernal is a free and open-source operating system stack. Version 0.0.2 has a 1-byte heap overflow in `rt_copy_memory`, which unconditionally wrote a null terminator at `dst[len]`. When `len` equals the size of the destination buffer (256 bytes), that extra '\0' write overruns the buffer by one byte. To avo...

CVSS 8.6, EPSS 0.00112
Exploits: 0, References: 2

CVE
added 2025/06/02 11:21 a.m., 63 views

CVE-2025-48990

NeKernal (version 0.0.2) has a 1-byte heap overflow in rt_copy_memory that writes a null terminator to dst[len]. When len equals the destination buffer size (256 bytes), this extra write overruns the buffer by one byte. The patch in commit fb7b7f658327f659c6a6da1af151cb389c2ca4ee removes the over...

CVSS 8.6, AI score 7.2, EPSS 0.00112
Exploits: 0, References: 2

Vulnrichment
added 2025/06/02 11:21 a.m., 10 views

CVE-2025-48990 NeKernel has Heap Overflow in `rt_copy_memory`

NeKernal is a free and open-source operating system stack. Version 0.0.2 has a 1-byte heap overflow in `rt_copy_memory`, which unconditionally wrote a null terminator at `dst[len]`. When `len` equals the size of the destination buffer (256 bytes), that extra '\0' write overruns the buffer by one byte. To avo...

CVSS 8.6, AI score 7.2, EPSS 0.00112
Exploits: 0, References: 2

OSV
added 2025/06/02 11:21 a.m., 5 views

CVE-2025-48990 NeKernel has Heap Overflow in `rt_copy_memory`

NeKernal is a free and open-source operating system stack. Version 0.0.2 has a 1-byte heap overflow in `rt_copy_memory`, which unconditionally wrote a null terminator at `dst[len]`. When `len` equals the size of the destination buffer (256 bytes), that extra '\0' write overruns the buffer by one byte. To avo...

CVSS 8.6, AI score 7.4, EPSS 0.00112
Exploits: 0, References: 4

NVD
added 2025/06/02 11:15 a.m., 8 views

CVE-2025-1246

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operation...

CVSS 7.8, EPSS 0.00089
Exploits: 0, References: 1

BDU FSTEC
added 2025/05/28 12:0 a.m., 1 views

A vulnerability in the fs/btrfs/extent_io.h module of the Linux operating system’s kernel allows an attacker to escalate privileges.

The vulnerability in the fs/btrfs/extent_io.h module of the Linux operating system’s file system is related to operations outside the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to escalate privileges...

CVSS 5.5, AI score 6.8, EPSS 0.00008
Exploits: 0, References: 14, Affected Software: 4

BDU FSTEC
added 2025/05/26 12:0 a.m., 2 views

A vulnerability in the VS6EditData!CDrawSLine::GetRectArea() function of the HMI configuration software for Monitouch V-SFT allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a denial of service.

The vulnerability in the VS6EditData!CDrawSLine::GetRectArea() function of the HMI configuration software for Monitouch V-SFT is related to operations outside the bounds of a memory buffer. Exploiting this vulnerability could allow an attacker to gain unauthorized access to...

CVSS 7.8, AI score 7.7, EPSS 0.00129
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2025/05/26 12:0 a.m., 1 views

A vulnerability in the VS6ComFile!CV7BaseMap::WriteV7DataToRom() function of the Monitouch V-SFT HMI configuration software allows an attacker to gain unauthorized access to protected information, execute arbitrary code, or cause a denial of service.

The vulnerability in the VS6ComFile!CV7BaseMap::WriteV7DataToRom() function of the HMI configuration software for Monitouch V-SFT is related to operations outside the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected informatio...

CVSS 7.8, AI score 7.8, EPSS 0.00129
Exploits: 0, References: 3, Affected Software: 1

OpenVAS
added 2025/05/26 12:0 a.m., 4 views

Fedora: Security Advisory (FEDORA-2024-c83b7dcae0)

The remote host is missing an update for the...

AI score 7.5
Exploits: 0, References: 3