CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

CVE-2026-32877

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

PT-2026-27302

Name of the Vulnerable Software and Affected Versions Mod gnutls versions prior to 0.12.3 Mod gnutls versions prior to 0.13.0 Description Mod gnutls is a TLS module for Apache HTTPD based on GnuTLS. The software contains an issue where code for client certificate verification imports the...

CVE-2025-55159

slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the getdisjointmut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has...

CVE-2025-55159 slab allows out-of-bounds access in `get_disjoint_mut` due to incorrect bounds check

slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the getdisjointmut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has...

PT-2022-36286 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue concerns an invalid length check when fetching device IDs. This problem was introduced in version v5.3 and is fixed in version v5.10.156. The actual impact and attack plausibilit...

UBUNTU-CVE-2018-10195

lrzsz before version 0.12.21rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a sizet to wrap around...

Memory out-of-bounds access vulnerability in wps

WPS is an office software developed by Kingsoft Office Software. A memory out-of-bounds access vulnerability exists in WPS. The vulnerability is due to the docreader module did not take the length of the value of the more check due to, an attacker can use the vulnerability to obtain sensitive...