Open SAE J1939 资源管理错误漏洞

Open SAE J1939 is an industrial vehicle CAN bus communication protocol library from the individual developer Daniel Mårtensson. Open SAE J1939 suffers from a resource management error vulnerability that stems from an issue in SAEJ1939ReadBinaryDataTransferDM16, which could result in a denial of...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer error vulnerability that stems from the ip4ip6err function failing to clear the cb array of skb2, which results in the IPv6 cb structure...

Prosody 安全漏洞

Prosody is an instant messaging server software from Prosody open source. A security vulnerability exists in Prosody versions prior to 0.12.6 and versions prior to 13.0.5 in versions 1.0.0 through 13.0.0, which stems from improper handling of access control in an activation scenario with...

Imagination Graphics DDK 缓冲区错误漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a buffer error vulnerability that arises from software run by an unprivileged user that may execute improper GPU system calls to force the GPU to write to arbitrary physical memo...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of reference counts during error handling paths. This issue may lead to resourc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked index mapping error in the ALSA ctxfi driver, which could lead to undefined behavior...

Oracle Linux 数字错误漏洞

Oracle Linux is an open and complete operating environment from Oracle Corporation USA that provides virtualization, management and cloud-native computing tools, and operating systems. Oracle Linux suffers from a numeric error vulnerability that stems from integer division by zero in...

PT-2026-36365

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue exists in the fastrpc component. The function fastrpc init create static process may free the cctx-remote heap variable on the err map path without clearing the...

CVE-2025-69606

Cross-Site Scripting XSS vulnerability was discovered in the GSVoIP web panel version 2.0.90. The msg parameter in the /painel/gateways.php/error endpoint does not properly sanitize user-supplied input, allowing attackers to inject arbitrary JavaScript into the HTML response. A remote attacker ca...

Open Cascade OCCT 缓冲区错误漏洞

Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A buffer error vulnerability exists in Open Cascade OCCT version V800rc5, which stems from a stack-based out-of-bounds read issue in the VrmlDataScene::ReadLine function in the VRML parser, as...

PT-2026-36382

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overrun can occur in the me4000 xilinx download function when loading firmware requested by request firmware. The function reads a data stream length from the first 4 bytes into...

FRRouting 缓冲区错误漏洞

FRRouting is FRRouting open source a network routing software suite that runs on Unix-like platforms. FRRouting suffers from a buffer error vulnerability that stems from the presence of a difference-one out-of-bounds write to the bgpflowspecopdecode function, which could lead to a denial of servi...

CVE-2026-37554

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the devmregmapinitmmio error handling checking for NULL instead of ERRPTR in the gpio qixis-fpga driver, whi...

PT-2026-36425

In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devm regmap init mmio devm regmap init mmio returns an ERR PTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invali...

PT-2026-36527

Name of the Vulnerable Software and Affected Versions GSVoIP web panel version 2.0.90 Description A Cross-Site Scripting XSS issue exists where the /painel/gateways.php/error endpoint fails to properly sanitize user-supplied input in the msg parameter. This allows a remote attacker to inject...

PT-2026-36394

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the USB ULPI Ultra Low Power Interface component. When the device register function fails, ulpi register invokes put device on ulpi-dev. The device release...

PT-2026-36367

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Resource leaks occur in the gpiochip add data with key function. Due to gdev-dev.release being unset, the reference count to gdev-dev is not dropped during error handling paths...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to deny a write to a read-only VMA in the drm/xe page error handling, which could lead to elevatio...

Solutions VoIP GSVoIP web panel 跨站脚本漏洞

Solutions VoIP GSVoIP web panel is a VoIP management interface from Solutions VoIP. A cross-site scripting vulnerability in the Solutions VoIP GSVoIP web panel version 2.0.90, which stems from improperly cleaned user input for the msg parameter in the /painel/gateways.php/error endpoint, could le...