freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks

An out of bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and stepindex values from input data. An attacker may be able to leverage this weakness to leak global data...

SUSE CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

EUVD-2026-28704

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43398

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

UBUNTU-CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43400

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...

CVE-2026-43400

CVE-2026-43400 affects the Linux kernel’s DRM/AMDGPU component. The vulnerability arises from missing upper-bound input validation in the amdgpu_userq_signal_ioctl handler, allowing huge input values to trigger an Out-Of-Memory (OOM) condition and thus a Denial of Service. The issue is mitigated ...

CVE-2026-43398

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

CVE-2026-43398 drm/amdgpu: add upper bound check on user inputs in wait ioctl

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

PT-2026-39059

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amdgpu component where the amdgpu userq wait ioctl function lacks an upper bound check on user inputs. Providing excessively large input values can lead to an...

Grafana -- OpenFeature evaluation API reads input data with no bounds

https://grafana.com/security/security-advisories/cve-2026-27880 reports: The OpenFeature feature toggle evaluation endpoint reads unbounded values into memory, which can cause out-of-memory crashes...

D-Link DIR-816L Buffer Overflow Vulnerability

DIR-816L is a wireless router product from D-Link. A buffer overflow vulnerability exists in the D-Link DIR-816L version 206b09beta, which originates from the soapcgimain function in the /soap.cgi file that does not perform a valid bounds check on input data. An attacker could use this...

Tenda AC8 安全漏洞

Tenda AC8 is a dual gigabit wireless router from Tenda designed for fiber optic homes up to 1000 megabytes, supporting IPv6 protocol with intelligent network management. The Tenda AC8 suffers from a buffer overflow vulnerability that originates from the formSetServerConfig function in the...

PYSEC-2021-692

TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to tf.rawops.Dilation2DBackpropInput. This is because the...

PYSEC-2021-203

TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to tf.rawops.Dilation2DBackpropInput. This is because the...

XnView Buffer Overflow Vulnerability (CNVD-2020-50140)

XnView is a multi-platform image viewing software developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphics and video files. A buffer overflow vulnerability exists in XnView version 2.04, which originates when the progra...

XnView RGB File Handling Buffer Overflow Vulnerability

XnView is a multi-platform image viewing software developed by French software developer Gougelet Pierre-Emmanuel. The software can be used to view, convert, organize and edit graphics and video files. A remote buffer overflow vulnerability exists in XnView, which originates when the program does...

Unbreakable Enterprise kernel security update

4.1.12-124.30.1 - xen: let allocxenballoonedpages fail if not enough memory free Juergen Gross Orabug: 30073695 - mm/pagealloc.c: calculate 'available' memory in a separate function Igor Redko Orabug: 30073695 - Input: gtco - bounds check collection indent level Grant Hernandez Orabug: 30074413...