
3371 matches found

Debian CVE
added 2026/02/04 10:3 p.m. | 4 views

CVE-2026-25541

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "v_capacity >= new_cap + offset" uses an unchecked addition. When new_cap + offset...

CVSS 7.5 | AI score 5.2 | EPSS 0.00023
Exploits 1

Vulnrichment
added 2026/02/04 10:3 p.m. | 3 views

CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "v_capacity >= new_cap + offset" uses an unchecked addition. When new_cap + offset...

CVSS 6.9 | AI score 5.2 | EPSS 0.00023
Exploits 1 | References 4

Cvelist
added 2026/02/04 10:3 p.m. | 19 views

CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "v_capacity >= new_cap + offset" uses an unchecked addition. When new_cap + offset...

CVSS 6.9 | EPSS 0.00023
Exploits 1 | References 4

OSV
added 2026/02/04 10:3 p.m. | 4 views

CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "v_capacity >= new_cap + offset" uses an unchecked addition. When new_cap + offset...

CVSS 6.9 | AI score 5.4 | EPSS 0.00023
Exploits 1 | References 6

ATTACKERKB
added 2026/02/04 10:3 p.m. | 3 views

CVE-2026-25541

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "v_capacity >= new_cap + offset" uses an unchecked addition. When new_cap + offset...

CVSS 6.9 | AI score 5.2 | EPSS 0.00023
Exploits 1 | References 5 | Affected Software 1

CVE
added 2026/02/04 10:3 p.m. | 29 views

CVE-2026-25541

Bytes versions from 1.2.1 to before 1.11.1 are vulnerable to an integer overflow in BytesMut::reserve. In the unique reclaim path, an unchecked addition in the condition v_capacity >= new_cap + offset can cause new_cap + offset to overflow usize in release builds, making self.cap exceed the actu...

CVSS 7.5 | AI score 5.3 | EPSS 0.00023
Exploits 1 | References 4 | Affected Software 1

CNNVD
added 2026/02/04 12:0 a.m. | 3 views

Bytes Security Vulnerability

Bytes is a tool developed by Tokio for processing byte streams. Versions of Bytes from 1.2.1 to 1.11.1 contained security vulnerabilities. These vulnerabilities were due to integer overflows in the BytesMut::reserve function, which could lead to out-of-bounds slicing...

CVSS 7.5 | AI score 5.8 | EPSS 0.00023
Exploits 1 | References 4

Circl
added 2026/02/03 2:12 p.m. | 2 views

CVE-2026-25541

creation_timestamp | type | source
---|---|---
2026-02-03 14:12:09+00:00 | published-proof-of-concept | https://github.com/tokio-rs/bytes/security/advisories/GHSA-434x-w66g-qw3r...

CVSS 7.5 | AI score 5.8 | EPSS 0.00023
Exploits 1 | References 1

Tenable Nessus
added 2026/02/03 12:0 a.m. | 2 views

SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:0360-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0360-1 advisory.
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS12 parsing (bsc#1256839).
- CVE-2025-69420: Missing ASN1_TYPE validation in...

CVSS 7.5 | AI score 5.5 | EPSS 0.01131
Exploits 1 | References 22

Tenable Nessus
added 2026/02/03 12:0 a.m. | 2 views

SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2026:0358-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0358-1 advisory.
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS12 parsing (bsc#1256839).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_respon...

CVSS 7.5 | AI score 5.4 | EPSS 0.01131
Exploits 1 | References 22

OSV
added 2026/02/02 9:55 a.m. | 3 views

SUSE-SU-2026:0360-1 Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues:
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS12 parsing (bsc#1256839).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex functi...

CVSS 7.5 | AI score 5.8 | EPSS 0.01131
Exploits 1 | References 15

NVD
added 2026/01/30 11:16 p.m. | 2 views

CVE-2020-37031

Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memo...

CVSS 8.6 | EPSS 0.00025
Exploits 0 | References 3

RedhatCVE
added 2026/01/30 3:24 a.m. | 5 views

CVE-2026-24889

soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::gen_range (for u64) methods in the soroban-sdk in versions up to and including 25.0.1, 23.5.1, and 25.0.2. Contracts that pass user-controlled or computed range bounds to...

CVSS 5.3 | AI score 5.9 | EPSS 0.00022
Exploits 0 | References 1

OSV
added 2026/01/30 12:39 a.m. | 3 views

MGASA-2026-0029 Updated openssl packages fix security vulnerabilities

- Stack buffer overflow in CMS AuthEnvelopedData parsing. CVE-2025-15467
- Heap out-of-bounds write in BIO_f_linebuffer on short writes. CVE-2025-68160
- Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. CVE-2025-69418
- Out of bounds write in PKCS12_get_friendlyname UTF-8...

CVSS 8.8 | AI score 6.1 | EPSS 0.02889
Exploits 7 | References 5

SUSE CVE
added 2026/01/30 12:27 a.m. | 3 views

SUSE CVE-2025-69418

Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15 bytes of a message may be exposed...

CVSS 5.3 | AI score 5.7 | EPSS 0.00009
Exploits 1 | References 20

Positive Technologies
added 2026/01/30 12:0 a.m. | 4 views

PT-2026-5472

Name of the Vulnerable Software and Affected Versions: Simple Startup Manager version 1.17
Description: Simple Startup Manager version 1.17 contains a local buffer overflow that allows attackers to execute arbitrary code. The issue occurs due to overwriting memory through the 'File' input parameter...

CVSS 8.6 | AI score 6.3 | EPSS 0.00025
Exploits 0 | References 5

OSV
added 2026/01/29 6:34 p.m. | 1 views

SUSE-SU-2026:0343-1 Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues:
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS12 parsing (bsc#1256839).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex functi...

CVSS 7.5 | AI score 6.7 | EPSS 0.01131
Exploits 1 | References 15

SUSE Linux
added 2026/01/29 6:34 p.m. | 5 views

Security update for openssl-1_1

This update for openssl-1_1 fixes the following issues:
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS12 parsing (bsc#1256839).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function...

CVSS 6.9 | AI score 5.9 | EPSS 0.01131
Exploits 1 | References 28

CVE
added 2026/01/29 2:28 p.m. | 20 views

CVE-2020-36995

CVE-2020-36995 affects Mocha Telnet Lite for iOS 4.2. The vulnerability is a denial-of-service through user configuration input: an attacker can overwrite the 'User' field with 350 repeated characters to crash the app, leading to loss of normal functionality. The affected software/component is iO...

CVSS 7.5 | AI score 5.9 | EPSS 0.00019
Exploits 0 | References 3

EUVD
added 2026/01/29 2:28 p.m. | 2 views

EUVD-2020-30914

Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...

CVSS 7.5 | AI score 5.9 | EPSS 0.00019
Exploits 0 | References 3