CLSA-2026-1779368297 polkit: Fix of CVE-2026-4897
CVE-2026-4897: Fix unbounded stdin reads that allow a local user to trigger OOM and DoS in the setuid helper; add input length checks and limit allocations...
CLSA-2026-1771010890 freerdp: Fix of 5 CVEs
CVE-2026-22859: fix out-of-bounds access due to missing interface index validation in urbdrc channel - CVE-2026-23732: fix out-of-bounds read due to missing input length check in glyph conversion - CVE-2026-23883: fix integer overflow in cursor pixel allocation and surface-to-surface rectangle...
GPAC Security Vulnerability
GPAC is an open source multimedia framework. GPAC has a stack buffer overflow vulnerability that stems from the dumpttxtsample function failing to correctly validate the length of the input data. An attacker can use this vulnerability to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992590)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992590 advisory. In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer In dw2102_i2c_transfer, msg is controlled by...
TOTOLINK A7000R Security Vulnerability
TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK that supports WiFi7 technology for home or small business network environments. The TOTOLINK A7000R suffers from a stack buffer overflow vulnerability, which stems from the failure of the wifiOff parameter in the sub421A0...
D-Link DIR600L formSetQoS function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
EUVD-2025-12350
Malicious code in bioql PyPI...
EUVD-2023-32249
Malicious code in bioql PyPI...
Tenda AC10 sub_46284C Function Stack Buffer Overflow Vulnerability
Tenda AC10 is a dual-band Gigabit wireless router launched by Shenzhen Jixiang Tenda Technology Co., Ltd, mainly for 200M and above fiber optic users. Tenda AC10 has a stack buffer overflow vulnerability that stems from the security5g parameter in the sub_46284C function failing to...
GoBGP Security Vulnerability
GoBGP is an open source Border Gateway Protocol (BGP) implementation from osrg. A security vulnerability exists in GoBGP versions prior to 3.35.0 that stems from pkg/packet/mrt/mrt.go not properly checking input length...
CVE-2025-43970
GoBGP before 3.35.0 has an input length check flaw in pkg/packet/mrt/mrt.go during MRT parsing, where it fails to ensure required lengths (12 or 36 bytes depending on address family). The issue is documented in CVE-2025-43970 and is addressed by upgrading to GoBGP 3.35.0 or later. The Connected d...
CVE-2025-43970
An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes depending on the address family...
snappy-java: Unchecked chunk length leads to DoS
A flaw was found in Snappy-java's fileSnappyInputStream hasNextChunk function, which does not sufficiently evaluate input bytes before beginning operations. This issue could allow an attacker to send malicious input to trigger an out of memory error that crashes the program, resulting in a denial...
SUSE CVE-2024-35964
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data...
UBUNTU-CVE-2024-35964
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not validating setsockopt user input Check user input length before copying data...
Tenda FH1203 fromWizardHandle Method Buffer Overflow Vulnerability
Tenda FH1203 is a dual-band wireless router from Tenda China, mainly used for home network coverage. The Tenda FH1203 suffers from a buffer overflow vulnerability that stems from the PPW parameter of the fromWizardHandle method failing to properly validate the length of the input data, which can ...
TOTOLINK X2000R Gh formMeshUploadConfig Method Buffer Overflow Vulnerability
TOTOLINK X2000R Gh is a WiFi 6 router from China's Gion Electronics TOTOLINK, which supports Gigabit network and Easy Mesh features with multi-device connectivity and wireless expansion. The TOTOLINK X2000R Gh suffers from a buffer overflow vulnerability that stems from the formMeshUploadConfig...
Tenda AC6 Buffer Error Vulnerability
Tenda AC6 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a maximum transmission rate of 1167Mbps and dual-band all-in-one functionality. The Tenda AC6 suffers from a buffer overflow vulnerability that originates from the sub34FD0 function failing to properly...
Tenda AC6 Buffer Error Vulnerability
Tenda AC6 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a maximum transmission rate of 1167Mbps and dual-band all-in-one functionality. The Tenda AC6 suffers from a buffer overflow vulnerability, which originates from the sub73004 function failing to correctly...
Tenda A15 Buffer Error Vulnerability
Tenda A15 is a WiFi extender from Tenda, a Chinese company. A stack overflow vulnerability exists in the Tenda A15 security5g parameter, which originates from a lack of length checking of input data in the security5g parameter of /goform/WifiBasicSet, which can be exploited by an attacker to...