golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds read

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...

CVE-2025-47914

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...

EUVD-2025-197894

Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...

EUVD-2019-2358

Malware in sbrugna...

CVE-2024-11166 Traffic Alert and Collision Avoidance System (TCAS) II has an External Control of System or Configuration Setting vulnerability

For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control SLC to the lowest setting and disable the Resolution Advisory RA, leading to a...

PT-2025-1628 · Tcas Ii · Tcas Ii

Name of the Vulnerable Software and Affected Versions: TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F Description: The issue allows an attacker to impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control...

CVE-2019-10554

Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

Design/Logic Flaw

Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

CVE-2019-5307

Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162C01E160R1P12/C01E160R2P1 and P30 Pro versions before VOG-AL00 9.1.0.162C01E160R1P12/C01E160R2P1, are exposed to a message replay vulnerability. For the sake of better compatibility, these devices implement a less strict check on th...