408 matches found
CVE-2026-24089
Memory corruption while processing fastboot commands with invalid input...
CVE-2026-24089 Improper Validation of Syntactic Correctness of Input in Kernel
Memory corruption while processing fastboot commands with invalid input...
CVE-2026-24089
CVE-2026-24089 describes memory corruption that occurs when processing fastboot commands with invalid input. The NVD entry lists a CVSS v3.1 base score of 7.2 (HIGH) with physical attack vector, low attack complexity, no user interaction, requiring high privileges, and a changed scope. The impact...
PT-2026-45644
Memory corruption while processing fastboot commands with invalid input...
CVE-2026-9521 fraillt bitsery std_smart_ptr.h loadFromSharedState improper validation of specified type of input
A security vulnerability has been detected in fraillt bitsery up to 5.2.4. Affected is the function loadFromSharedState in the library include/bitsery/ext/stdsmartptr.h. Such manipulation leads to improper validation of specified type of input. It is possible to launch the attack remotely. The...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: acpi: nfit: fixed the narrowing conversion in acpinfitctl Syzkaller reported a warning in tonfitbusuuid: “Only secondary bus families can be translated”. This warning is emitted if the argument equals NVDIMMBUSFAMILYNFIT == 0...
Astra Linux – Vulnerability in unrar-nonfree
RARLAB WinRAR Recovery Volume: Improper validation of array index leads to remote code execution vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability, as the targe...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: bpf, testrun: Fixed an use-after-free issue in ethskbpkttype. KMSAN reported a use-after-free issue in ethskbpkttype1. The cause of the issue was that ethskbpkttype accessed data from skb that did not contain an Ethernet heade...
CVE-2026-5511
In the web management interface of Archer AX72 SG v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the...
Advisory ROSA-SA-2026-3279
software: tomcat 9.0.37 WASP: ROSA-CHROME unaffected versions = tomcat-9.0.37-16 affected versions tomcat-9.0.37-16 CVE-ID: CVE-2026-24733 BDU-ID: None CVE-Crit: LOW CVE-DESC.: An invalid input validation vulnerability in Apache Tomcat allows a remote attacker to bypass security restrictions by...
TP-Link Archer AX72 安全漏洞
The TP-Link Archer AX72 is a Wi-Fi 6 wireless router produced by TP-Link Corporation. The TP-Link Archer AX72 SG v1 version has a security vulnerability. This vulnerability arises from the improper handling of invalid user inputs by the network diagnostic function, which may lead to limited...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
SUSE CVE-2026-43169
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...
Linux Distros Unpatched Vulnerability : CVE-2026-43169
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two vi...
EUVD-2026-27732
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...
CVE-2025-47408
Memory corruption when another driver calls an IOCTL with invalid input/output buffer...
CVE-2025-47408
Memory corruption when another driver calls an IOCTL with invalid input/output buffer...
EUVD-2025-209633
Memory corruption when another driver calls an IOCTL with invalid input/output buffer...
PT-2026-36844
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when another driver calls an IOCTL Input/Output Control, which is a device driver communication mechanism, using an invalid input or...
SUSE-SU-2026:21396-1 Security update for libssh
This update for libssh fixes the following issues: - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible Denial of Service when parsing unexpected configuration files bsc1258045 - CVE-2026-0966: Buffer underflow in...