ROS-20260408-73-0030

A vulnerability in the blkstacklimits function of the block/blk-settings.c component of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260408-73-0018

A vulnerability in the usbparsessendpointcompanion function of the drivers/usb/core/config.c component of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability allows an intruder to affect confidentiality and availability of protected...

GO-2026-4867 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime...

NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module

A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...

NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module

A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...

Security Bulletin: Vulnerabilities in Glob might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Glob. The glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names as described by the CVEs in the...

CVE-2026-39360

RustFS is a distributed object storage system built in Rust. Prior to alpha.90, RustFS contains a missing authorization check in the multipart copy path UploadPartCopy. A low-privileged user who cannot read objects from a victim bucket can still exfiltrate victim objects by copying them into an...

CVE-2026-39360

RustFS is a distributed object storage system built in Rust. Prior to alpha.90, RustFS contains a missing authorization check in the multipart copy path UploadPartCopy. A low-privileged user who cannot read objects from a victim bucket can still exfiltrate victim objects by copying them into an...

CVE-2026-39360

RustFS contains an authorization bypass in the multipart copy path (UploadPartCopy) prior to alpha.90. A low-privileged user who cannot read objects from a victim bucket can exfiltrate victim objects by copying them into an attacker-controlled multipart upload and completing the upload, breaking ...

NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module

A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...

CVE-2025-47400

Cryptographic issue while copying data to a destination buffer without validating its size...

CVE-2025-47389

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation...

CVE-2026-21372

Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations...

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system OS command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...

ROS-20260407-73-0007

A vulnerability in the sizelimitmb function of the Linux kernel is related to buffer copying without input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260407-73-0032

A vulnerability in the iio/light/as73211.c component of the Linux kernel is related to buffer copying without input data validation. Exploitation of the vulnerability allows an attacker to cause a denial of service...

PT-2026-30978

Name of the Vulnerable Software and Affected Versions RustFS versions prior to alpha.90 Description RustFS, a distributed object storage system built in Rust, had a missing authorization check in the multipart copy path UploadPartCopy before version alpha.90. This allowed a low-privileged user,...

Linux Distros Unpatched Vulnerability : CVE-2026-23453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was...

EUVD-2025-209231

Cryptographic issue while copying data to a destination buffer without validating its size...

EUVD-2025-209224

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation...