73865 matches found
SUSE CVE-2026-31533
In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption The -EBUSY handling in tlsdoencryption, introduced by commit 859054147318 "net: tls: handle backlogging of crypto requests", has a use-after-free due to double...
PJSIP 缓冲区错误漏洞
PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier had a buffer error vulnerability, which stemmed from out-of-bounds read...
PT-2026-34990
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc input packet on conn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpc try get cal...
BACnet Stack 缓冲区错误漏洞
BACnet Stack is an open-source protocol stack for BACnet, designed to work on embedded systems, Linux, MacOS, BSD, and Windows. Versions prior to BACnet Stack 1.4.3 contained a buffer error vulnerability. This vulnerability stems from a boundary-crossing read issue in the ReadPropertyMultiple...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a zero-division error in pixclock within tdfxfb...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a notification error where NULL is returned instead of ERRPTR, potentially leading to null pointe...
rust-openssl 缓冲区错误漏洞
rust-openssl is an open-source library in the rust ecosystem that allows for interaction with the OpenSSL library. In versions 0.9.0 to 0.10.78 of rust-openssl, there was a buffer error vulnerability. This vulnerability stemmed from the frompemcallback API not verifying the length returned by use...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function wl1271txallocate. When this function fails and returns-EAGAIN, it misinterprets the...
PT-2026-35010
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Altera TSE driver. When the dma map single function fails within the tse start xmit function, the system returns NETDEV TX OK without freeing the socket buffe...
Hostbill 资源管理错误漏洞
Hostbill is an automated management system for server hosting and cloud services provided by the Polish company Hostbill. Versions 2025-11-24 and 2025-12-01 of Hostbill contain resource management vulnerabilities. These vulnerabilities stem from issues with the Checkout Authentication Flow...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the bnge error path that leads to the dereferencing of a null pointer...
NLTK Simple Random Input Fuzzer for Function Testing
This script is a basic fuzzing tool that generates random inputs strings containing letters, numbers, and special characters and feeds them into a target function to test its stability. It runs multiple iterations, monitors for exceptions or crashes, and counts how many errors occur during...
uuid 缓冲区错误漏洞
uuid is a JavaScript module developed by UUID, which allows for the generation of RFC-compliant UUIDs in JavaScript. Versions of uuid prior to 14.0.0 contained a buffer error vulnerability. This vulnerability stems from functions v3, v5, and v6 accepting external output buffers without rejecting...
PT-2026-35049
Name of the Vulnerable Software and Affected Versions Axios versions prior to 1.15.1 Axios versions prior to 0.31.1 Description The toFormData function recursively processes nested objects without a depth limit. Consequently, providing a deeply nested value as request data can cause the Node.js...
OP-TEE Trusted OS 缓冲区错误漏洞
OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. In versions 3.13.0 to 4.10.0 of OP-TEE Trusted OS, there is a buffer error vulnerability. This vulnerability stems from ...
PT-2026-34965
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SMB client when parsing symlink error responses. When a CREATE request returns STATUS STOPPED ON SYMLINK, the smb2 check message function returns success without...
PT-2026-35050
Name of the Vulnerable Software and Affected Versions Axios versions prior to 1.15.1 Axios versions prior to 0.31.1 Description The library is susceptible to a Prototype Pollution Gadget attack. This occurs because the validateStatus configuration property utilizes the mergeDirectKeys merge...
PT-2026-34912
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the spi-dw-dma component where a system crash can occur during the process of waiting for a transaction to finish. This happens when an error occurs and the device lac...
PT-2026-34968
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the USB gadget Phonet function where a USB host can cause an overflow of the skb shared info-frags array. This occurs when the host sends an unbounded sequence of...
PT-2026-34975
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A malicious USB device claiming to be a CDC Phonet modem can cause an overflow of the skb shared info-frags array in the rx complete function by sending an unbounded sequence of full-pag...