Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: Intel: avs: Fixed a potential RX buffer overflow issue. If an event causes the firmware to return an invalid RX size for LARGECONFIGGET, memcpyfromio might end up copying too many bytes. This issue was fixed by using min...

EUVD-2026-26094

OpenClaw before 2026.3.31 stores Nostr privateKey as plaintext in configuration, allowing exposure through config.get method calls that bypass redaction mechanisms. Attackers can retrieve unredacted configuration data to obtain plaintext signing keys used for Nostr protocol operations...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained a security vulnerability. This vulnerability stemmed from storing the Nostr privateKey in plain text within the configuration files. It was exploited through a call...

EUVD-2026-21141

OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive...

CVE-2026-35644

OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive...

CVE-2026-35644 OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Fields in Gateway Snapshots

OpenClaw before 2026.3.22 contains an information disclosure vulnerability that allows attackers with operator.read scope to expose credentials embedded in channel baseUrl and httpUrl fields. Attackers can access gateway snapshots via config.get and channels.status endpoints to retrieve sensitive...

CVE-2026-35644

OpenClaw before 2026.3.22 has an information disclosure vulnerability that allows attackers with operator.read scope to exfiltrate credentials embedded in channel baseUrl and httpUrl fields..adversaries can retrieve sensitive authentication information from gateway snapshots via config.get and ch...

SUSE CVE-2022-50325

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...

CVE-2022-50325

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...

DEBIAN-CVE-2022-50325

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...

UBUNTU-CVE-2022-50325

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...

CVE-2022-50325

CVE-2022-50325 (Linux kernel) is detailed in connected documents as an ASoC: Intel avs issue, where firmware may return an invalid RX size for LARGE_CONFIG_GET, causing memcpy_fromio() to copy too many bytes. Root cause: RX size handling overflow in the RX buffer due to missing bounds check. Miti...

CVE-2022-50325 ASoC: Intel: avs: Fix potential RX buffer overflow

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...

Linux Distros Unpatched Vulnerability : CVE-2021-36417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gfisomdoviconfigget function in MP4Box, which causes a denial of service or execute...

CVE-2022-36190

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gfisomdoviconfigget. This vulnerability was fixed in commit fef6242...

CVE-2024-25735

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...

kernel: ASoC: Intel: avs: Fix potential RX buffer overflow

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGECONFIGGET, memcpyfromio could end up copying too many bytes. Fix by utilizing mint...

CVE-2022-36191

A heap-buffer-overflow had occurred in function gfisomdoviconfigget of isomedia/avcext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242...

UBUNTU-CVE-2022-36191

A heap-buffer-overflow had occurred in function gfisomdoviconfigget of isomedia/avcext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242...

PT-2022-23250 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC mp4box version 2.1-DEV-revUNKNOWN-master Description: The issue is a use-after-free vulnerability in the function gf isom dovi config get. This vulnerability was fixed in commit fef6242. Recommendations: For GPAC mp4box version...