31 matches found
CVE-2026-45969
A flaw was found in the Linux kernel's Human Interface Device (HID) PlayStation driver. The ps_gamepad_create function does not verify the return value of input_ff_create_memless. This missing check can lead to incorrect behavior or potential system crashes when Force Feedback (FF) effects are activated...
Astra Linux - vulnerability in xrdp
xrdp is an open-source project that provides a graphical login interface for accessing remote machines using the Microsoft Remote Desktop Protocol (RDP). Versions 0.9.21 and earlier of xrdp contain a buffer overflow in the xrdp_mm_chan_data_in function. There are no known solutions to this issue. Users...
Ash Framework resource management error vulnerability
Ash Framework is an open-source framework used for building Elixir applications. Versions of Ash Framework prior to 3.22.0 contained a resource management vulnerability. This vulnerability stems from Ash.Type.Module.cast_input/2, which “Elixir.”, thereby creating new Erlang atoms. This could lead ...
CVE-2026-24111
CVE-2026-24111 affects the Tenda W20E device (version V4.0br_V15.11.0.6). The issue arises when the value of the input parameter userInfo is passed to the function addAuthUser and is processed by sscanf without size validation, which can cause a buffer overflow. The public descriptions confirm th...
CVE-2025-68968
Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function...
CVE-2025-68968
CVE-2025-68968 is a double-free vulnerability in the multi-mode input module affecting Huawei HarmonyOS (and mirrored in multiple CVE trackers). Affected component: the multi-mode input module; root cause: double free in the input handling code, with the impact described as potentially affecting ...
PT-2026-2573
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-68968 Description: A double free issue exists in the multi-mode input module. Successful exploitation of this issue may affect the input function. Recommendations: At the moment, there is no information about a newer versi...
anti-xss
This is a PHP library called AntiXSS, which is designed to prevent cross-site scripting (XSS) attacks. The library provides a set of functions to sanitize user input and protect against XSS vulnerabilities. The library is maintained by Lars Moelleken and is available on Packagist, a popular PHP...
UBUNTU-CVE-2025-38324
In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu(). As syzbot reported [0], mpls_route_input_rcu() can be called from mpls_getroute(), where is under RTNL. net->mpls.platform_label is only updated under RTNL. Let's use rcu_dereference_rtnl() in...
CVE-2024-34643
Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from Samsung (South Korea). A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2024 Release 1 version and prior versions, which stems from a key input related function in Dressroom...
PT-2024-22474 · Freeimage +1 · Freeimage +1
Name of the Vulnerable Software and Affected Versions: FreeImage version 3.19.0 r1909 Description: The issue allows a local attacker to cause a denial of service (DoS) via the fill_input_buffer function when reading images in JPEG format. Recommendations: For FreeImage version 3.19.0 r1909, conside...
CVE-2024-22914
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service...
PT-2024-19610 · Swftools · Swftools
Name of the Vulnerable Software and Affected Versions: SWFTools version 0.9.2 Description: A heap-use-after-free issue was found in the function input at lex.swf5.c:2620, allowing an attacker to cause denial of service. Recommendations: For SWFTools version 0.9.2, consider disabling the function...
PT-2023-16210 · Zephyrproject Rtos +1 · Zephyr
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A missing nullptr-check in the handle_ra_input function can cause a nullptr-deref. Recommendations: At the moment, there is no information about a newer version that contains a fix for...
SUSE CVE-2006-5444
Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads t...
CVE-2022-36054
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system (file os/net/ipv6/sicslowpan.c) contains an input function that processes incoming packets and copies them into a packet buffer. Because of a...