Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in...

CVE-2026-7055

A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The...

EUVD-2026-19307

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in undopxr24impl in src/lib/OpenEXRCore/internalpxr24.c at line 377. The...

CVE-2026-5350

A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function updatepcdb of the file /setup.cgi. The manipulation of the argument macpcdba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the...

Important: openssl

Issue Overview: If an application using the SSLCIPHERfind function in a QUIC protocol client or server receives an unknown cipher suite from the peer, a NULL dereference occurs. CVE-2025-15468 A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before...

MiracleLinux 8 : httpd:2.4 (AXSA:2022-3019:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3019:01 advisory. httpd: modlua: Possible buffer overflow when parsing multipart content CVE-2021-44790 Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000895)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000895 advisory. Buffer overflow in the ozcdevwrite function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or...

SUSE CVE-2025-11964

On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf16letoutf8truncated can write data beyond the end of the provided buffer...

CVE-2025-13190

A vulnerability was found in D-Link DIR-816L 206b09beta. This vulnerability affects the function scandirmain of the file /portal/ajaxexporer.sgi. The manipulation of the argument en results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public a...

CVE-2025-39988 can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the...

CVE-2025-59729 Heap-buffer-overflow read in FFmpeg DHAV get_duration

When parsing the header for a DHAV file, there's an integer underflow in offset calculation that leads to reading the duration from before the start of the allocated buffer. If we load a DHAV file that is larger than MAXDURATIONBUFFERSIZE bytes 0x100000 for example 0x101000 bytes, then at 0 we ha...

AZL-64410 CVE-2025-6818 affecting package hdf5 for versions less than 1.14.6-1

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5Ochunkprotect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may ...

kernel: ibmvnic: Use kernel helpers for hex dumps

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of 8 then a read buffe...

UBUNTU-CVE-2025-30472

Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orftokenendianconvert in exec/totemsrp.c via a large UDP packet...

CVE-2024-52533

gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0' character...

CVE-2024-35423

vmir e8117 was discovered to contain a heap buffer overflow via the wasmparsesectionfunctions function at /src/vmirwasmparser.c...

AZL-42946 CVE-2024-39291 affecting package kernel for versions less than 5.15.160.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix buffer size in gfxv943init cpcomputemicrocode and rlcmicrocode The function gfxv943initmicrocode in gfxv943.c was generating about potential truncation of output when using the snprintf function. The issue was due...

UBUNTU-CVE-2024-29159

HDF5 through 1.14.3 contains a buffer overflow in H5Zfilterscaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

UBUNTU-CVE-2023-26793

libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in readiostatus function in src/modbus.c...

Dell BIOS 缓冲区错误漏洞

Dell BIOS is embedded software on a small memory chip on the motherboard of a computer from Dell USA. Dell BIOS suffers from a buffer overflow vulnerability that stems from the inclusion of an out-of-bounds write vulnerability that can be exploited by a local attacker with administrator privilege...