lwip 缓冲区错误漏洞

lwIP is an open-source implementation of the TCP/IP protocol stack developed by lwIP Developers. Versions of lwIP 2.2.1 and earlier contained a buffer error vulnerability. This vulnerability originated from the function snmpparseinboundframe in the SNMPv3 USM Handler component. The operation of t...

PT-2026-36518

Name of the Vulnerable Software and Affected Versions Open Vehicle Monitoring System 3 OVMS3 version 3.3.005 Description A buffer overflow occurs because the parser in canformat canswitch.cpp does not properly validate a CANswitch DLC value. This allows remote attackers to cause a denial of servi...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of validation on attacker-controlled counts and lengths in the SPDY/3 frame parser. An attacker can exhaust process memory and cause an out-of-memory crash by sending ...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of validation on attacker-controlled counts and lengths in the SPDY/3 frame parser. An attacker can exhaust process memory and cause an out-of-memory crash by sending ...

CVE-2026-35469

spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count ...

[SECURITY] [DLA 4478-1] tcpflow security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4478-1 [email protected] https://www.debian.org/lts/security/ Paride Legovini February 10, 2026 https://wiki.debian.org/LTS -...

Debian dla-4478 : tcpflow - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4478 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4478-1 [email protected] https://www.debian.org/lts/security/...

CVE-2026-22214 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in ethos Serial Frame Parser

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...

CVE-2026-22214 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in ethos Serial Frame Parser

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...

CVE-2026-22214

Summary: RIOT OS

EUVD-2017-2652

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-41427

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4AvcFrameParser::Feed function in mp4mux. CVE-2022-41427 Note that Nessus relies on the...

CVE-2022-41427

Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4AvcFrameParser::Feed function in mp4mux...

UBUNTU-CVE-2022-41427

Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4AvcFrameParser::Feed function in mp4mux...

Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 version v1.6.0-639, which stems from a memory leak in the AP4AvcFrameParser::Feed method of the mp4mux component...

PT-2022-25861 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A memory leak was discovered in the AP4 AvcFrameParser::Feed function in mp4mux. Recommendations: For Bento4 version 1.6.0-639, consider updating to a newer version that contains a fix for this issue,...

Denial Of Service (DoS)

wpasupplicant is vulnerable to denial of service DoS attacks. The vulnerability exists as Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpasupplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of...

Buffer overflow

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIRMACAUTHCHALLENGELENGTH is set to 128 which may result in buffer overflow since the frame parser allows challenge text of length up to 253 bytes, but the drive...

Oracle: Security Advisory (ELSA-2015-1439)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

hostapd and wpa_supplicant WMM Action Frame Parser Integer Overflow Vulnerability

hostapd is a daemon that implements a wireless access point AP and authentication server. wpasupplicant is a daemon that runs in the background and is used to support WEP, WPA/WPA2 and WAPI wireless protocols and encrypted authentication. An integer overflow vulnerability exists in the WMM Action...