CVE-2026-45969

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. The psgamepadcreate function does not verify the return value of inputffcreatememless. This missing check can lead to incorrect behavior or potential system crashes when Force Feedback FF effects are activated...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a buffer overflow in the xrdpmmchandatain function. There are no known workarounds for this issue. Users are advised to upgrade...

Ash Framework 资源管理错误漏洞

Ash Framework is an open-source framework used for building Elixir applications. Versions of Ash Framework prior to 3.22.0 contained a resource management vulnerability. This vulnerability stems from Ash.Type.Module.castinput/2, which “Elixir.”， thereby creating new Erlang atoms. This could lead ...

CVE-2026-24111

CVE-2026-24111 affects the Tenda W20E router (v4.0br_V15.11.0.6). The issue arises when the value of the parameter userInfo is passed to the function addAuthUser and handled by a call to sscanf without proper size validation, which can lead to a buffer overflow . The public descriptions consisten...

CVE-2025-68968

Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function...

CVE-2025-68968

Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function...

CVE-2025-68968

CVE-2025-68968 is a double-free vulnerability in the multi-mode input module affecting Huawei HarmonyOS (and mirrored in multiple CVE trackers). Affected component: the multi-mode input module; root cause: double free in the input handling code, with the impact described as potentially affecting ...

CVE-2025-68968

Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function...

CVE-2025-68968

Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function...

PT-2026-2573

Name of the Vulnerable Software and Affected Versions versions prior to 2025-68968 Description A double free issue exists in the multi-mode input module. Successful exploitation of this issue may affect the input function. Recommendations At the moment, there is no information about a newer versi...

anti-xss

This is a PHP library called AntiXSS, which is designed to prevent cross-site scripting XSS attacks. The library provides a set of functions to sanitize user input and protect against XSS vulnerabilities. The library is maintained by Lars Moelleken and is available on Packagist, a popular PHP...

UBUNTU-CVE-2025-38324

In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcudereferencertnl in mplsrouteinputrcu. As syzbot reported 0, mplsrouteinputrcu can be called from mplsgetroute, where is under RTNL. net-mpls.platformlabel is only updated under RTNL. Let's use rcudereferencertnl in...

The vulnerability of the xhci kernel component in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the xhci core in the Linux operating system is related to incorrect validation of input data in the tegraxusbenterelpg function in drivers/usb/host/xhci-tegra.c. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-34643

Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2024 Release 1 version and prior versions, which stems from a key input related function in Dressroom...

PT-2024-22474 · Freeimage +1 · Freeimage +1

Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 r1909 Description: The issue allows a local attacker to cause a denial of service DoS via the fill input buffer function when reading images in JPEG format. Recommendations: For FreeImage version 3.19.0 r1909, conside...

CVE-2024-22914

A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service...

PT-2024-19610 · Swftools · Swftools

Name of the Vulnerable Software and Affected Versions: SWFTools version 0.9.2 Description: A heap-use-after-free issue was found in the function input at lex.swf5.c:2620, allowing an attacker to cause denial of service. Recommendations: For SWFTools version 0.9.2, consider disabling the function...

The vulnerability of the input function in the EFence application system for managing corporate mobile devices allows a hacker to execute arbitrary commands and gain access to read, modify, or delete data.

The vulnerability of the input function in the EFence application’s corporate mobile device management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands and gain access to read, modify, ...

PT-2023-16210 · Zephyrproject Rtos +1 · Zephyr

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A missing nullptr-check in the handle ra input function can cause a nullptr-deref. Recommendations: At the moment, there is no information about a newer version that contains a fix for...