504 matches found
EUVD-2026-17834
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
CVE-2026-23406
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
UBUNTU-CVE-2026-23406
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in matchchar macro usage The matchchar macro evaluates its character parameter multiple times when traversing differential encoding chains. When invoked with str++, the string pointer advances on eac...
PT-2026-29489
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc7-next-20260127 Description The Linux kernel contains a flaw within the apparmor subsystem, specifically in the match char macro. This macro incorrectly evaluates its character parameter multiple times...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
MuddyWater Targets MENA Organizations with GhostFetch, CHAR, and HTTP_VIP
The Iranian hacking group known as MuddyWater aka Earth Vetala, Mango Sandstorm, and MUDDYCOAST has targeted several organizations and individuals mainly located across the Middle East and North Africa MENA region as part of a new campaign codenamed Operation Olalampo. The activity, first observe...
CVE-2020-36972
SmartBlog 2.0.1 contains a blind SQL injection vulnerability in the 'idpost' parameter of the details controller that allows attackers to extract database information. Attackers can systematically test and retrieve database contents by injecting crafted SQL queries that compare...
Improperly Controlled Sequential Memory Allocation
Overview com.foxinmy:weixin4j-base is a 微信开发基础工程 Affected versions of this package are vulnerable to Improperly Controlled Sequential Memory Allocation due to improper control of memory allocation in the CharArrayBuffer and ClassUtil components. An attacker can cause excessive memory consumption ...
CVE-2026-24819
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...
CVE-2026-24819 An out-of-memory (OOM) issue in foxinmy/weixin4j
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...
CVE-2026-24819
CVE-2026-24819 refers to an Improperly Controlled Sequential Memory Allocation in foxinmy/weixin4j (weixin4j-base module), affecting CharArrayBuffer and ClassUtil Java components. Public descriptions in Red Hat, Snyk, and OSV entries confirm the issue impacts weixin4j across versions, with memory...
CVE-2026-24819
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j...
weixin4j security vulnerabilities
Weixin4j is a WeChat development toolkit personally developed by Jinyu. Weixin4j has security vulnerabilities, which stem from improper control over sequential memory allocation in the program files CharArrayBuffer.Java and ClassUtil.Java...
SUSE CVE-2026-22858
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002348)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002348 advisory. The bcmcharioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to...