CVE-2026-53186

The CVE-2026-53186 issue affects the Linux kernel RDMA/srp path. srp_process_rsp() copies sense data using resp_data_len (provided by the SRP target) without bounding against the actual received bytes (wc->byte_len). Although the copy length is limited to SCSI_SENSE_BUFFERSIZE (96 bytes), the ...

CVE-2026-48514 MessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte length

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...

Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow

Impact Most apps will crash and some may perform incorrect buffer allocations in the Node.js Buffer API resulting in unexpected truncation or allocation. Workarounds No workarounds. Do not use these impacted Electron releases Fixed Versions 42.3.3 For more information If you have any questions or...

NPM: Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow

NPM: Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow vulnerability discovered by ? in WordPress Npm electron versions = 42.3.1, 42.3.3...

CVE-2026-10142 kafka-python prior to 2.3.2 Denial of Service via Protocol Parser Frame Length

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...

CVE-2026-48685

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgpprotocol.hpp, the parserawbgpattribute function correctly identifies when extendedlengthbit is set and sets lengthoflengthfield...

CVE-2026-31659

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadvttpreparetvlvglobaldata builds the allocation length for a global TT response in 16-bit temporaries. When a remote originator advertises a large enough global TT, the ...

PT-2026-26148

Name of the Vulnerable Software and Affected Versions Sliver versions 1.7.3 and below Description Sliver is a command and control framework that utilizes a custom Wireguard network stack. Versions 1.7.3 and below contain a Remote Out-of-Memory OOM issue in the mTLS and WireGuard C2 transport laye...

PostgreSQL 安全漏洞

PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Vulnerabilities existed in versions prior to PostgreSQL 18.2, 17....

EUVD-2020-0596

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-10050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

SUSE CVE-2024-50218

In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2truncateinline maybe overflow Syzbot reported a kernel BUG in ocfs2truncateinline. There are two reasons for this: first, the parameter value passed is greater than ocfs2maxinlinedatawithxattr, second, the...

DEBIAN-CVE-2024-50218

In the Linux kernel, the following vulnerability has been resolved: ocfs2: pass u64 to ocfs2truncateinline maybe overflow Syzbot reported a kernel BUG in ocfs2truncateinline. There are two reasons for this: first, the parameter value passed is greater than ocfs2maxinlinedatawithxattr, second, the...

CVE-2024-43410 Russh has an OOM Denial of Service due to allocation of untrusted amount

Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length,...

Buffer Overflow

vyper is vulnerable to buffer overflow. The vulnerability exists due to a lack of verification of bytes byte length resulting n a buffer overrun...

DEBIAN-CVE-2004-2779

id3utf16deserialize in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service DoS...

WordPress 4.2. 2 fix 4. 2. 1 in the truncated Xss patch analysis-vulnerability warning-the black bar safety net

Vulnerability analysis In the patch description, wherein a bar is fixed at 4. 2. 1 version of the patch bypass afterxssissues, take the opportunity the following analysis in response toxssgenerated during the use of different truncation methods multiple times to repair after currently specific...