EUVD-2026-26686

AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotpcontinuereceive receive.c:87-89, the payloadlength for a Single Frame is extracted from a 4-bit nibble in the CAN frame data, yielding values 0-15. However, a standard CAN frame is only 8...

EUVD-2016-10845

HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return...

php: Stream HTTP wrapper truncates redirect location to 1024 bytes

A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989045)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989045 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INTMAX overflo...

Linux Distros Unpatched Vulnerability : CVE-2021-47336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smackfs: restrict bytes count in smksetcipso Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date:...

CVE-2022-49292

CVE-2022-49292 is tied to the Linux kernel ALSA oss PCM buffer allocation overflow. The vulnerability occurs when snd_pcm_plug_alloc() may allocate an oversized temporary buffer during data conversion if hardware parameters allow larger-than-expected period/buffer sizes, risking an INT_MAX overfl...

CVE-2024-41026 mmc: davinci_mmc: Prevent transmitted data size from exceeding sgm's length

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevent transmitted data size from exceeding sgm's length No check is done on the size of the data to be transmiited. This causes a kernel panic when this size exceeds the sgmiter's length. Limit the number of...

UBUNTU-CVE-2021-47336

In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smksetcipso Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001 Date: Mon, 12 Apr 2021 22:25:06 +0900 Subject: PATCH smackfs: restrict byt...

AZL-39004 CVE-2023-45288 affecting package helm for versions less than 3.15.2-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39625 CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl4-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-38956 CVE-2023-45288 affecting package cri-tools for versions less than 1.30.1-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39202 CVE-2023-45288 affecting package packer for versions less than 1.10.1-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-34735 CVE-2023-6246 affecting package glibc for versions less than 2.38-6

A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

DEBIAN-CVE-2022-2929

In ISC DHCP 1.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory...

golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header

A vulnerability was detected in net/http of the Go standard library when parsing very large HTTP header values, causing a crash and subsequent denial of service. This vulnerability affects both clients and servers written in Go, however, servers are only vulnerable if the value of MaxHeaderBytes...

CVE-2018-12541

In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake, holding the entire request body in memory. There should be a reasonnable limit 8192 bytes above which the WebSocket gets an HTTP response with the...

CVE-2017-15118

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requir...

kernel security, bug fix, and enhancement update

2.6.32-573 - security selinux: dont waste ebitmap space when importing NetLabel categories Paul Moore 1130197 - x86 Revert Add driver auto probing for x86 features v4 Prarit Bhargava 1231280 - net bridge: netfilter: dont call iptables on vlan packets if sysctl is off Florian Westphal 1236551 - ne...

Cube <= 2005_08_29 Multiple BoF/Crash Vulnerabilities Exploit

No description provided by source. / by Luigi Auriemma You NEED Enet for compiling this tool then remember -lenet http://enet.bespin.org / http://enet.cubik.org / include stdio.h include stdlib.h include string.h include enet/enet.h define VER "0.1" define PORT 28765 define MAXTRANS 5000 define...