PT-2026-43972

Name of the Vulnerable Software and Affected Versions libusb versions prior to 1.0.30 Description A one-byte out-of-bounds read exists in the parse iad array function within descriptor.c. This occurs when a malformed USB descriptor is supplied where the bLength equals the size minus one, causing...

CVE-2025-53901

Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host embedder. The specific bug is triggered by calling pathopen after calling...

SUSE-SU-2019:0081-1 Security update for sssd

This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377 These non-security issues were fixed: - Fix a segmentation fault in ssscac...

DEBIAN-CVE-2017-16535

The usbgetbosdescriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service out-of-bounds read and system crash or possibly have unspecified other impact via a crafted USB device...

Linux Kernel 2.6.28 - fasync_helper() Local Privilege Escalation

Linux Kernel 2.6.28 - fasynchelper Local Privilege Escalation / source: https://www.securityfocus.com/bid/37806/info Linux kernel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges. Successful...