11 matches found
free5GC UDR: Fail-open handling in PolicyDataSubsToNotifyPost allows unintended subscription creation
Summary A fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue processing requests even after request body retrieval or deserialization errors. This may allow unintended creation of Policy Data notification subscriptions wit...
CVE-2026-25583
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow vulnerability in CIccFileIO::Read8 when processing malformed ICC profile files via unchecked fread...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002769)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002769 advisory. The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary acces...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003004)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003004 advisory. The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary acces...
Linux Distros Unpatched Vulnerability : CVE-2017-9985
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
NZXT CAM 信息泄露漏洞
NZXT CAM is an all-in-one software solution for computer hardware monitoring and management. An information disclosure vulnerability exists in the Privileged I/O Read IRP feature of the WinRing0x64 driver for NZXT CAM 4.8.0. An attacker can exploit this vulnerability by sending a specially crafte...
golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The...
DEBIAN-CVE-2017-9985
The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...
UBUNTU-CVE-2017-9985
The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...
PT-2017-2424 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.7 Description: The issue is related to the snd msndmidi input read function in the Linux kernel, specifically in the sound/isa/msnd/msnd midi.c file. It is caused by an out-of-bounds access in memory, which...