PT-2026-30348

NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004124)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004124 advisory. A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and...

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. An attacker exploits the vulnerability to cause a program to crash...

PT-2023-25847 · Huawei · Emui +1

Name of the Vulnerable Software and Affected Versions: distributed file system affected versions not specified Description: The issue is a format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program...

SUSE CVE-2004-0554

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service system crash, possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program...

SUSE CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data...

OpenSSL 资源管理错误漏洞

OpenSSL is an open source capable general-purpose cryptographic library from the OpenSSL team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

LibTIFF input validation error vulnerability

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains a number of command-line tools for working with TIFF files.A security vulnerability in the LibTIFF tiffcrop utility stems from the existence of a faulty input validation flaw that could be...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-44209)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in Google TensorFlow versions prior to 2.9.0, prior to 2.8.1, prior to 2.7.2, and prior to 2.6.4, which stems from the presence of a non-numeric...

Wireshark MIME Parser Denial of Service Vulnerability

Wireshark is a suite of network packet analysis software from the Wireshark team. A security vulnerability in the processing of messages by the Wireshark MIME parser can be exploited by a remote attacker to submit a special request that can crash an application...

Denial of Service Vulnerability in Foxit Reader

Foxit Reader is a set of software used to read PDF format files, developed by Foxit Software Fujian. A denial of service vulnerability exists in Foxit Reader, which can be exploited by attackers to cause a denial of service...

CVE-2020-10732

A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data...

Memory Corruption Vulnerability in WPS Office for Windows (CNVD-2020-34026)

WPS Office for Windows is the software of Zhuhai Kingsoft Office Software Co., Ltd, which can realize the text, table, presentation and many other functions commonly used in office software. A memory corruption vulnerability exists in WPS Office for Windows, which can be exploited by attackers to...

icoutils local code execution vulnerability

icoutils is a set of command line programs for extracting and converting images from Microsoft Windows icon and cursor files. A security vulnerability exists in icoutils that could be exploited by a local attacker to submit a special file that could crash an application or execute arbitrary code...

USN-3069-1 eog vulnerability

It was discovered that Eye of GNOME incorrectly handled certain invalid UTF-8 strings. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting in a denial of service, or possibly execute arbitrary code...

Founder's FIT Handling FIT File Memory Corruption Vulnerability (CNVD-2016-12759)

Founder Fetion is a comprehensive typesetting software integrating images, texts and forms developed by Beijing Beifang Founder Electronics Co. A memory corruption vulnerability exists in Founder Fetion's handling of FIT files, which allows an attacker to exploit the vulnerability to construct a...

Mozilla: Out of bounds write in NSPR (MFSA 2014-55)

An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version o...

Info-ZIP UnZip Out-of-Bounds Write Heap Buffer Overflow Vulnerability

unzip is a tool for decompressing the .zip file format under Unix. Info-ZIP The UnZip testcompreb function is vulnerable to an out-of-bounds write heap buffer overflow that allows attackers to construct malicious files that can be tricked into parsing by the user, crashing the application...

security flaw

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service system crash, possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program...