CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992837)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992837 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix buffer overflow in elem comparison For vendor elements, the code here assumes...

EUVD-2019-2620

Malware in sbrugna...

EUVD-2020-3470

Malware in sbrugna...

CVE-2019-10566

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service that may occur when the driver parses each STA profile IE and attempts to access the EXTN element ID without checking the IE length...

SUSE CVE-2022-49023

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix buffer overflow in elem comparison For vendor elements, the code here assumes that 5 octets are present without checking. Since the element itself is already checked to fit, we only need to check the length...

PT-2025-2708 · Qualcomm · Snapdragon +167

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A transient Denial of Service DOS can occur when the driver parses the per STA profile Information Element IE and attempts to access the EXTN element ID...

PT-2024-18887 · Qualcomm · Snapdragon +57

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves information disclosure while parsing sub-IE length during new IE generation. No estimated number of potentially affected devices or...

Apache Guacamole 注入漏洞

Apache Guacamole is a clientless remote desktop gateway from the Apache USA Foundation. The product supports protocols such as VNC, RDP and SSH. An injection vulnerability exists in Apache Guacamole 1.5.1 and earlier versions, which stems from the possibility of incorrectly calculating the length...

SUSE CVE-2019-10898

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsmgsup.c by rejecting an invalid Information Element length...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. a way of miniaturizing circuitry including primarily semiconductor devices, but also passive components, etc. and is manufactured from time to time on the surface of semiconductor wafers. A security vulnerability exists in multiple Qualcom...

CVE-2021-43573

A buffer overflow was discovered on Realtek RTL8195AM devices before 2.0.10. It exists in the client code when processing a malformed IE length of HT capability information in the Beacon and Association response frame...

kernel: buffer-overflow hardening in WiFi beacon validation code.

A flaw in the Linux kernel's WiFi beacon validation code was discovered. The code does not check the length of the variable length elements in the beacon head potentially leading to a buffer overflow. System availability, as well as data confidentiality and integrity, can be impacted by this...

CVE-2019-10898

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsmgsup.c by rejecting an invalid Information Element length...

CVE-2019-10898

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsmgsup.c by rejecting an invalid Information Element length...

CVE-2019-10898

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsmgsup.c by rejecting an invalid Information Element length...

kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption

In the function wmisetie in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the ‘ielen’ argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to...

UBUNTU-CVE-2017-9712

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE length in wlanhddcfg80211setie, a buffer over-read occurs...

CVE-2008-5236

Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to execute arbitrary code via vectors related to 1 a crafted EBML element length processed by the parseblockgroup function in demuxmatroska.c; 2 a certain combination of sps, w,...