CVE-2026-43032

CVE-2026-43032 affects the Linux kernel NFC pn533/pn532 UART receive path. The root cause is that pn532_receive_buf() appends incoming bytes to dev->recv_skb and only clears the partial frame when a complete PN532 frame header is recognized, allowing a continuous invalid stream to grow the skb...

CVE-2026-27889 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. This happens before authentication, and...

GHSA-PQ2Q-RCW4-3HR6 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead

Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. When using WebSockets, a malicious client can trigger a server crash with crafted frames, before authentication. Problem Description A missi...

ALPINE-CVE-2026-29068

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, there is a stack buffer overflow vulnerability when pjmedia-codec parses an RTP payload contain more frames than the caller-provided frames can hold. This issue has been patched in version 2.17...

UBUNTU-CVE-2025-34457

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kissrecbyte located in src/kissframe.c. When processing crafted KISS frames that reach the maximum allowed frame length MAXKISSLEN, the function...

UBUNTU-CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

CVE-2025-5828

Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Wallbox Commercial EV chargers. Authentication is not required to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from exceeding the maximum value of a stack frame...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

kernel: IGB driver inadequate buffer size for frames larger than MTU

A flaw was found in igbconfigurerxring in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel. An overflow of the contents from a packet that is too large will overflow into the kernel's ring buffer, leading to a system integrity issue...

GHSA-496J-2RQ6-J6CC Excessive Iteration in gRPC

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

DEBIAN-CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

AZL-27911 CVE-2023-33953 affecting package grpc 1.42.0-11

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

UBUNTU-CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

SUSE CVE-2023-25667

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

AZL-35312 CVE-2023-25667 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when 2^31 = numframes height width channels 2^32, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...

SUSE CVE-2007-2893

Heap-based buffer overflow in the bxne2kc::rxframe function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register...

UBUNTU-CVE-2021-46829

GNOME GdkPixbuf aka GDK-PixBuf before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c compositeframe. This overflow is controllable and could be abused for code execution, especially on 32-bit systems...

SUSE: Security Advisory (SUSE-SU-2014:0760-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated glibc package fixes security vulnerabilities

Updated glibc packages fixes the following security issues: Integer overflow in string/strcolll.c in the GNU C Library aka glibc or libc6 2.17 and earlier allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a long string, which triggers a...