CVE-2025-37943

CVE-2025-37943 affects the Linux kernel wireless driver ath12k (DP_RX_DECAP_TYPE_NATIVE_WIFI). The issue is an invalid data access when hardware delivers packets with a length exceeding the maximum native Wi‑Fi header, potentially causing memory corruption in ath12k_dp_rx_h_undecap_nwifi. The adv...

CVE-2025-37943 wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid data access in ath12kdprxhundecapnwifi In certain cases, hardware might provide packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessing and modifying fields ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from invalid data access in ath12kdprxhundecapnwifi...

ROS-20250424-02

The vulnerability of SnakeYAML library for serialization and deserialization of YAML documents is related to recovery of an invalid data structure in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Exploit for CVE-2025-24797

CVE-2025-24797 CVE-2025-24797 Detail - NVDhttps://nvd.nist...

CVE-2025-22871 Request smuggling due to acceptance of invalid chunked data in net/http

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly handling when the bitmap region contains invalid data, which could lead to a crash...

PT-2025-30812

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the platform/x86/dell-wmi-sysman component. A flaw exists in how WMI data blocks are retrieved in sysfs callbacks, potentially leading to issues...

CLSA-2024-1734368527 php: Fix of CVE-2024-11233

CVE-2024-11233: Fix buffer overread by one byte issue in convert.quoted-printable-decode filter - Fix Bug 74267: segfault with streams and invalid data...

Eaton IPP 安全漏洞

Eaton IPP is a power management software from Eaton Corporation USA. A security vulnerability exists in Eaton IPP versions prior to v1.71, which stems from insufficient validation of data authenticity and could cause the system to accept invalid data...

CVE-2024-9736 Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in th...

CVE-2024-11567 IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

CVE-2024-5512

Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

GO-2024-3259 CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft

CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data in github.com/cometbft/cometbft...

CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data

Name: ASA-2024-011: Vote Extensions: Panic when receiving a Pre-commit with an invalid data Component: CometBFT Criticality: High Considerable Impact, and Possible Likelihood per ACMv1.2 Affected versions: = 0.38.x, unreleased v1.x and main development branches Affected users: Chain Builders +...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a possible runtime failure caused by an invalid data address due to a bpf validation error...

CVE-2024-37346

There is an insufficient input validation vulnerability in the Warehouse component of Absolute Secure Access prior to 13.06. Attackers with system administrator permissions can impair the availability of certain elements of the Secure Access administrative UI by writing invalid data to the...

PT-2024-7799 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability, where the...

CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...

CVE-2024-2606

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...