2842 matches found
CVE-2025-36924
In ssDecodeLcsAssistDataReqMsgvoid of ssLcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-36924
In ssDecodeLcsAssistDataReqMsgvoid of ssLcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-36924
CVE-2025-36924 describes an out-of-bounds write in ss_DecodeLcsAssistDataReqMsg() within ss_LcsManagement.c due to an incorrect bounds check. The impact is remote escalation of privilege with no additional execution privileges needed and no user interaction required. Connected sources include And...
CVE-2025-36923
CVE-2025-36923 affects the NrmmDecoder::DecodeSORTransparentContext function in cn_NrmmDecoder.cpp, where a heap buffer overflow can cause an out-of-bounds write. This could enable remote (proximal/adjacent) escalation of privilege with no user interaction required. Exploitation details, affected...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2529)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself ...
EUVD-2023-60175
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
CVE-2023-53821
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
UBUNTU-CVE-2023-53821
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
UBUNTU-CVE-2022-50665
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix failed to find the peer with peerid 0 when disconnected It has a fail log which is ath11kdbg in ath11kdprxprocessmonstatus, as below, it will not print when debugmask is not set ATH11KDBGDATA. ath11kdbgab,...
CVE-2023-53821 ip6_vti: fix slab-use-after-free in decode_session6
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
CVE-2023-53821 ip6_vti: fix slab-use-after-free in decode_session6
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
CVE-2023-53821
In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...
Linux Distros Unpatched Vulnerability : CVE-2023-53821
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during...
PT-2025-49712
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-next-20230707-00001-g84e2cad7f979 Description The Linux kernel contains a flaw within the ipv6 vti module, specifically in the decode session6 function, that can lead to a slab-use-after-free condition. Thi...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857...
SUSE-SU-2025:4320-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857. ...
SUSE-SU-2025:21168-1 Security update for python-cbor2
This update for python-cbor2 fixes the following issues: - CVE-2025-64076: Fixed bug in decodedefinitelongstring that causes incorrect chunk length calculation bsc1253746. Already fixed in release 5.6.3: - CVE-2024-26134: Fixed potential crash when hashing a CBORTag bsc1220096...
OPENSUSE-SU-2025:20133-1 Security update for python-cbor2
This update for python-cbor2 fixes the following issues: - CVE-2025-64076: Fixed bug in decodedefinitelongstring that causes incorrect chunk length calculation bsc1253746. Already fixed in release 5.6.3: - CVE-2024-26134: Fixed potential crash when hashing a CBORTag bsc1220096...
Remote Code Execution (RCE)
Parse is vulnerable to remote code execution RCE. The vulnerability is due to improper handling of malicious payloads in several methods including ParseObject.fromJSON, ParseObject.pin, ParseObject.registerSubclass, and internal encode/decode functions, which allows an attacker to inject data tha...
CVE-2025-64076
A flaw was found in cbor2. This vulnerability allows denial of service through process crashes or memory exhaustion via sending specially-crafted CBOR data containing definite-length text strings with multi-byte UTF-8 characters...