SUSE CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

Linux Distros Unpatched Vulnerability : CVE-2026-46218

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check...

CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218 drm/amdgpu: Add bounds checking to ib_{get,set}_value

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

The vulnerability CVE-2026-46218 affects the Linux kernel DRM AMDGPU driver. The issue is in ib_get_value/ib_set_value where the uvd/vce/vcn code accessed the Instruction Buffer (IB) at predefined offsets without verifying the IB size, enabling out-of-bounds reads/writes. The root cause is missin...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks in the ibget,setvalue function within drm/amdgpu, potentially leading...

Null-pointer dereference and double-free via safe APIs

Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: MetaCallFuture::newraw accepts a raw pointer without validation. The Debug impl calls Box::fromrawself.data on it. Passing a null pointer causes the Debug impl to construct a NonNull from null, producing...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libexif (UTSA-2026-014285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014285 advisory. libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten du...

CVE-2025-12214

A vulnerability was detected in Tenda O3 1.0.0.102478. This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and...

CVE-2025-12211

A security flaw has been discovered in Tenda O3 1.0.0.102478. Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-12213

CVE-2025-12213 affects Tenda O3 1.0.0.10(2478). The vulnerability is a stack-based overflow in the SetValue/GetValue handling of /goform/setVlanConfig via crafted lan input, enabling remote exploitation. Public disclosures exist. Connected sources (CNVD/CNNVD/NVD/PT-2025-43873) corroborate a buff...

CVE-2025-12210 Tenda O3 AdvSetLanip GetValue stack-based overflow

A vulnerability was identified in Tenda O3 1.0.0.102478. Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is...

PT-2025-43873

Name of the Vulnerable Software and Affected Versions Tenda O3 version 1.0.0.102478 Description A security issue exists in Tenda O3 version 1.0.0.102478. The SetValue/GetValue function within the /goform/setVlanConfig file is susceptible to a stack-based buffer overflow. This occurs through...

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

Frappe Technologies Frappe Framework 安全漏洞

Frappe Technologies Frappe Framework is a metadata-driven full-stack web application framework based on Python and JavaScript from Frappe Technologies, India. A security vulnerability exists in Frappe Technologies Frappe Framework version 15.72.4, which stems from an SQL injection in the fieldnam...

PT-2025-40353

Name of the Vulnerable Software and Affected Versions Frappe Framework version 15.72.4 Description A SQL injection issue exists in Frappe Framework. The issue is located in the fieldname parameter of the frappe.client.get value API endpoint. A crafted script provided to the fieldname parameter ca...

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

Exploit for CVE-2025-56380

CVE-2025-56380 — Time-based Blind SQL Injection in Frappe / ER...