40 matches found
EUVD-2026-28294
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. From version 0.26.0 to before version 0.31.8.0, the auth filter has the deactivated/banned user check commented out. This issue has been patched in version...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: add atomic_check to bridge ops DRM commit_tails will disable downstream crtc/encoder/bridge if both disable crtc is required and crtc->active is set before pushing a new frame downstream. There is a rare case that user...
SUSE-SU-2026:1313-1 Security update for freerdp2
This update for freerdp2 fixes the following issues: - Fix the CVE-2026-24684 patch, as the previous version wrongly deleted a check for an error condition (bsc#1257991)...
CLSA-2026-1774009875 Fix CVE(s): CVE-2026-25210
SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210...
EUVD-2022-26923
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-50398
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: add atomic_check to bridge ops DRM commit_tails will disable downstream crtc/encoder/bridge if both disable crtc is required and crtc->active is set before pushing a new frame downstream. There is a rare case that user...
Linux Distros Unpatched Vulnerability : CVE-2025-38375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring, we forget to check...
CVE-2023-20676
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518...
CVE-2025-20660
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186...
Linux Distros Unpatched Vulnerability : CVE-2024-36881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/userfaultfd: reset ptes when close for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits from all the relevant pgtable...
CVE-2024-49568 net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg When receiving proposal msg in server, the fields v2_ext_offset/eid_cnt/ism_gid_cnt in proposal msg are from the remote client and can not be fully trusted...
CVE-2024-20118
CVE-2024-20118 affects the MediaTek mms component, with an out-of-bounds write caused by an incorrect bounds check. This can lead to local escalation of privilege and SYSTEM privileges are required for exploitation; no user interaction is needed. A patch is referenced as ALPS09062392 (MSV-1621). ...
CVE-2024-20109
CVE-2024-20109 affects the component identified as ccu (referenced across Red Hat/NVD entries and related advisories). The root cause is a missing bounds check that allows an out-of-bounds write, resulting in local escalation of privileges with System-level execution privileges required. No user ...
DEBIAN-CVE-2022-48703
In the Linux kernel, the following vulnerability has been resolved: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR In some case, the GDDV returns a package with a buffer which has zero length. It causes that kmemdup returns ZERO_SIZE_PTR (0x10). Then the data_vault_read got NULL...
CVE-2023-32887
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 MSV-892...
CVE-2023-20604
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067...
PT-2022-14800 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the pop descriptor string function of BufferDescriptor.h due to a missing bounds check. This could lead to local information disclosure and requires System...
CVE-2022-26460
In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032590; Issue ID: ALPS07032590...
CLSA-2022-1660064148 Fix CVE(s): CVE-2020-17525
SECURITY UPDATE: Denial of Service - debian/patches/CVE-2020-17525.patch: Add missing NULL check. - CVE-2020-17525...
CVE-2022-20063
In atf spm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171715; Issue ID: ALPS06171715...