CVE-2026-43256

A flaw was found in the Linux kernel's media subsystem, specifically within the Qualcomm Camera Subsystem CAMSS Video Front End VFE driver. An out-of-bounds memory access can occur in the vfeisrregupdate function when processing interrupt service routines. This vulnerability arises because a loop...

EUVD-2026-27819

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfeisrregupdate vfeisr iterates using MSMVFEIMAGEMASTERSNUM7 as the loop bound and passes the index to vfeisrregupdate. However, vfe-line array is defined with VFELINENUMMAX4:...

CVE-2026-43256

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfeisrregupdate vfeisr iterates using MSMVFEIMAGEMASTERSNUM7 as the loop bound and passes the index to vfeisrregupdate. However, vfe-line array is defined with VFELINENUMMAX4:...

CVE-2026-43256

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfeisrregupdate vfeisr iterates using MSMVFEIMAGEMASTERSNUM7 as the loop bound and passes the index to vfeisrregupdate. However, vfe-line array is defined with VFELINENUMMAX4:...

CVE-2026-43256

CVE-2026-43256 is a Linux kernel vulnerability in the media subsystem (Qualcomm CAMSS VM) where the vfe_isr_reg_update() function may perform an out-of-bounds access. The code loops with MSM_VFE_IMAGE_MASTERS_NUM(7) but accesses vfe->line[] defined as struct vfe_line lineVFE_LINE_NUM_MAX . Whe...

CVE-2026-43256 media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update()

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfeisrregupdate vfeisr iterates using MSMVFEIMAGEMASTERSNUM7 as the loop bound and passes the index to vfeisrregupdate. However, vfe-line array is defined with VFELINENUMMAX4:...

CVE-2026-0116

In mfchandlereleasedbuf of mfccoreisr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel 安全漏洞

The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability, which stems from an off-by-one rule in the mfccoreisr.c file, where the mfchandlereleasedbuf variable lacks boundary checks, allowing for out-of-bounds writes and potentially enabling remote co...

CVE-2026-27118

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration ISR is accessible on all routes, allowi...

EUVD-2013-1281

Malware in sbrugna...

EUVD-2022-55514

Malicious code in bioql PyPI...

EUVD-2025-1559

Malicious code in bioql PyPI...

SUSE CVE-2022-50236

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec If the system is rebooted via isr, the IRQ handler might be triggered before the domain is initialized. Resulting on an invalid memory access error. Fix: 0.500930 Unable to handle kern...

DEBIAN-CVE-2022-50236

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec If the system is rebooted via isr, the IRQ handler might be triggered before the domain is initialized. Resulting on an invalid memory access error. Fix: 0.500930 Unable to handle kern...

CVE-2022-50236 iommu/mediatek: Fix crash on isr after kexec()

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix crash on isr after kexec If the system is rebooted via isr, the IRQ handler might be triggered before the domain is initialized. Resulting on an invalid memory access error. Fix: 0.500930 Unable to handle kern...

CVE-2025-38335

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPTRT When enabling PREEMPTRT, the gpiokeysirqtimer callback runs in hard irq context, but the inputevent takes a spinlock, which isn't allowed there as it is converted to a...

CVE-2025-0224

A vulnerability was found in Provision-ISR SH-4050A-2, SH-4100A-2LMM, SH-8100A-2LMM, SH-16200A-21U, SH-16200A-51U and NVR5-8200PX up to 20241220. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /server.js. The manipulation leads to...

CVE-2013-1241

The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service module reload via a series of malformed packets, aka Bug ID CSCub92025...

CVE-2011-4661

A memory leak vulnerability exists in Cisco IOS before 15.21T due to a memory leak in the HTTP PROXY Server process aka CSCtu52820, when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured...

CVE-2025-0224

A vulnerability was found in Provision-ISR SH-4050A-2, SH-4100A-2LMM, SH-8100A-2LMM, SH-16200A-21U, SH-16200A-51U and NVR5-8200PX up to 20241220. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /server.js. The manipulation leads to...