115 matches found
CVE-2026-48132 VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP
The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption of VPN...
Astra Linux - уязвимость в libstb
stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...
CVE-2026-31697
A flaw was found in the Linux kernel's crypto: ccp driver. A local user could exploit this vulnerability by attempting to retrieve the CPU ID when a firmware command fails due to an invalid length. This can cause an overflow of a kernel-allocated buffer, leading to the disclosure of sensitive...
PT-2026-36382
In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000 xilinx download loads the firmware that was requested by request firmware. It is possible for it to overrun the source buffer because it blindly trusts the file...
CVE-2026-6862 Efivar: efivar: denial of service due to stack overflow in device path node parsing
A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI Extensible Firmware Interface device path node header. A local user could exploit this...
JLSEC-2026-94
In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...
CVE-2025-47373
Memory Corruption when accessing buffers with invalid length during TA invocation...
CVE-2025-47373
Memory Corruption when accessing buffers with invalid length during TA invocation...
EUVD-2025-208183
Memory Corruption when accessing buffers with invalid length during TA invocation...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a buffer error vulnerability, which stems from using an invalid length to access the buffer during TA calls, potentially leading to memory corruption...
PT-2026-22639
Name of the Vulnerable Software and Affected Versions affected versions not specified Description A memory corruption issue exists when accessing buffers with an invalid length during a Trusted Application TA invocation. This can lead to unpredictable behavior or potential compromise of the syste...
📄 zlib crc32_combine_gen64 Denial of Service
zlib versions prior to 1.3.2 has an infinite loop vulnerability in the crc32combinegen64 function that can result in a denial of service condition. ============================================================================================================================================= | Title...
Crypt::URandom 安全漏洞
Crypt::URandom is an encrypted Perl library developed by DDICK’s individual developers. Versions of Crypt::URandom prior to 0.55 contained security vulnerabilities. These vulnerabilities stemmed from a heap buffer overflow in the XS function crypturandomgetrandom. This function did not validate t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002964)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002964 advisory. The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service panic by leveraging...
EUVD-2020-30820
BACnet Test Server versions up to and including 1.01 contains a remote denial of service vulnerability in its BACnet/IP BVLC packet handling. The server fails to properly validate the BVLC Length field in incoming UDP BVLC frames on the default BACnet port 47808/udp. A remote unauthenticated...
CVE-2020-36872
CVE-2020-36872 affects BACnet Test Server versions up to and including 1.01. It has a remote denial-of-service vulnerability in BACnet/IP BVLC UDP handling caused by improper validation of the BVLC Length field on port 47808. An unauthenticated attacker can send a malformed BVLC Length value to t...
PT-2025-48193
Name of the Vulnerable Software and Affected Versions BACnet Test Server versions up to and including 1.01 Description BACnet Test Server is susceptible to a remote denial of service. The server does not correctly validate the BVLC Length field within incoming UDP BVLC frames on the default BACne...
EUVD-2006-5410
Malware in sbrugna...
EUVD-2021-17204
Malware in sbrugna...
EUVD-2008-4598
Malware in sbrugna...