EUVD-2025-210022

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

CVE-2025-59609

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

CVE-2025-59609 Buffer Over-read in WLAN Host Communication

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

CVE-2025-59609

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length...

CVE-2025-59609

The CVE-2025-59609 issue is a disclosure vulnerability affecting how advertisement frames are processed when MBSSID elements are malformed or too short. The root cause is in the processing path that handles MBSSID elements, which may allow information exposure. The CVSS 3.1 vector indicates netwo...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an insufficient length check in the hfsasc2mac function, which could lead to out-of-bounds writes...

EUVD-2017-2759

Malware in sbrugna...

CVE-2023-42769

The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter...

CVE-2022-2127

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbinddpamauthcrap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan manage...

Buffer overflow

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...

CVE-2023-27892

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cfconfirmExecTx in ethereumcontracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With...

CVE-2023-27892

CVE-2023-27892 affects ShapeShift KeepKey hardware wallet firmware prior to 7.7.0. It stems from insufficient length checks that allow a global buffer overflow via crafted messages. The issue involves flaws in cf_confirmExecTx() within ethereum_contracts.c, which can reveal arbitrary microcontrol...

CVE-2023-23846

Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol GPTv1-U messages, a protocol payload with any extension header length set to zero causes an infinite loop. The affected process...

libX11 Insufficient Length Check / Injection

Hello list, A missing length check in libX11 causes data from LookupColor requests mess up the client-server communication protocol and inject malicious X server requests. The flaw is comparable to SQLi injecting commands into database connections granting an attacker access to all features of th...

CVE-2021-31616

CVE-2021-31616 affects ShapeShift KeepKey hardware wallet firmware prior to 7.1.0. The issue is a stack buffer overflow caused by insufficient length checks in the ethereum_extractThorchainSwapData() function within ethereum.c, which can be triggered by crafted messages and is reachable remotely ...

CVE-2021-31616

Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.1.0 allow a stack buffer overflow via crafted messages. The overflow in ethereumextractThorchainSwapData in ethereum.c can circumvent stack protections and lead to code execution. The vulnerable interface is...

Joomla 1.6.x < 3.9.25 Multiple Vulnerabilities (5834-joomla-3-9-25)

According to its self-reported version, the instance of Joomla! running on the remote web server is 1.6.x prior to 3.9.25. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand function within the process of...

CVE-2021-23127

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes...

Arteco Web Client DVR/NVR Session Hijacking

!/usr/bin/env python3 Arteco Web Client DVR/NVR 'SessionId' Cookie Brute Force Session Hijacking Exploit Vendor: Arteco S.U.R.L. Product web page: https://www.arteco-global.com Affected version: n/a Summary: Arteco DVR/NVR is a mountable industrial surveillance server ideal for those who need to...

FreeBSD : FreeBSD -- Insufficient packet length validation in libalias (30ce591c-947b-11ea-92ab-00163e433440)

libalias3 packet handlers do not properly validate the packet length before accessing the protocol headers. As a result, if a libalias3 module does not properly validate the packet length before accessing the protocol header, it is possible for an out of bound read or write condition to occur...