Google Pixel Buffer Overflow Vulnerability (CNVD-2025-16956)

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from a lack of bounds checking, which allows out-of-bounds reads of memory and can be exploited by an attacker to run arbitrary code in the context of an...

Ubuntu: Security Advisory (USN-7637-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-34127

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler SEH due to insufficient bounds checking on user-supplied input leading to remote code executio...

Ubuntu 24.04 LTS : libjxl vulnerabilities (USN-7637-1)

The remote Ubuntu 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7637-1 advisory. It was discovered that libjxl did not perform proper bounds checking when parsing Exif tags. An attacker could possibly use this issue to cause libjxl to...

emacs: arbitrary code execution via Lisp macro expansion

A flaw was found in Emacs. Viewing or editing an untrusted Emacs Lisp source code file can cause arbitrary code execution due to unsafe macro expansion when a user has configured elisp-completion-at-point for code completion or has enabled automatic error checking, such as Flymake or Flycheck...

USN-7637-1: libjxl vulnerabilities

It was discovered that libjxl did not perform proper bounds checking when parsing Exif tags. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service. CVE-2023-0645 It was discovered that libjxl did not perform proper bounds checking when decoding...

kernel: net: atlantic: fix aq_vec index out of range error

A vulnerability was found in the Linux kernel's Aquantia Atlantic driver, where a lack of proper bounds checking during loop indexing can lead to an out-of-bounds access. This can lead to undefined system behavior and a denial of service...

kernel: net: atlantic: fix aq_vec index out of range error

A vulnerability was found in the Linux kernel's Aquantia Atlantic driver, where a lack of proper bounds checking during loop indexing can lead to an out-of-bounds access. This can lead to undefined system behavior and a denial of service...

AZL-65121 CVE-2025-1735 affecting package php for versions less than 8.3.23-1

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

CVE-2025-1735

CVE-2025-1735 affects PHP pgsql and pdo_pgsql escaping functions across PHP 8.1–8.4 that do not check errors from underlying quoting functions, potentially causing crashes if the Postgres server rejects input. Affected: PHP 8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.*. Roo...

CVE-2025-1735 pgsql extension does not check for errors during escaping

In PHP versions:8.1. before 8.1.33, 8.2. before 8.2.29, 8.3. before 8.3.23, 8.4. pgsql and pdopgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid...

net: ppp: Add bound checking for skb data on ppp_sync_txmung

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a state-checking issue in typec-tcpm, which could lead to a deadlock...

ROS-20250710-06

The Redis database management system DBMS vulnerability is related to boundary checking errors in parsing file names. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

SUSE CVE-2025-48386

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...

The vulnerability of the CLI component of the Brocade Fabric OS operating system allows a hacker to trigger a service failure.

The vulnerability of the CLI component of the Brocade Fabric OS operating system is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

UBUNTU-CVE-2025-48386

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...

Microsoft Office 安全漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. The product's common components include Word, Excel, Access, Powerpoint, FrontPage, etc.. A code execution vulnerability exists in Microsoft Office, which is caused due to improper boundary checkin...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking leading to out-of-bounds writes, which could lead to local elevation of privilege...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets is a series of chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek Chipsets that stems from incorrect boundary checking leading to out-of-bounds writes, which could lead to local elevation of privilege...