CVE-2026-54413

driftregion iso14229 up to 0.9.0 has an integer underflow in Handle_0x27_SecurityAccess() that enables a remote unauthenticated attacker to crash a UDS server and possibly read memory beyond the receive buffer by sending a 0x27 SecurityAccess request after a prior well-formed 0x27 message. The co...

PT-2026-49065

Summary Unchecked passwords maximums allow for an arbitrarily large password to be passed into the login API. This spikes CPU and memory, and after testing, crashes, heavily lags any container created, and has even made my docker daemon start to send errors with status code 500 even after the...

EUVD-2026-31439

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

Astra Linux - уязвимость в ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug was triggered within the decodesubmitreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through...

Linux Distros Unpatched Vulnerability : CVE-2026-43190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xttcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xttcpmss.c lines 53-68, the TCP option parser reads opi+1...

CVE-2025-70067

Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

EUVD-2026-17210

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

GHSA-8X3W-QJ7J-GQHF openmls has improper tag validation

Membership and confirmation tags may not be checked correctly due to a missing length check. Any tag that is shorter than the expected tag, but matches up to its length, as well as any empty tag is considered valid. Impact The vulnerability affects a secondary authentication guarantee that MLS...

CVE-2025-27807

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS...

CVE-2025-27807

The CVE-2025-27807 entry describes an out-of-bounds write caused by missing length checks in multiple Samsung Exynos-based devices (Mobile Processor, Wearable Processor, and Modem families: Exynos 980/990/850/1080/2100/1280/2200/1330/1380/1480/2400/1580/9110, W920/W930/W1000, Modems 5123/5300/540...

PT-2025-47921

Name of the Vulnerable Software and Affected Versions Fluent Bit versions affected versions not specified Description The extract name function within the in docker input plugin of Fluent Bit contains a buffer overflow issue. This occurs because the function copies container names into a fixed-si...

CVE-2025-27374

An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes...

CVE-2025-27374

CVE-2025-27374 affects Samsung’s Secure Boot component on Exynos Mobile/Wearable Processors (models listed in the document). The issue is a missing length check that can lead to out-of-bounds writes. The connected records repeatedly describe the same flaw but do not provide concrete exploit detai...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service that may occur when the driver parses each STA profile IE and attempts to access the EXTN element ID without checking the IE length...

PT-2025-30775

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the virtio-net module. Specifically, a missing check in the xdp linearize page function allows for an out-of-bound read when processing buffers fr...

OESA-2023-1524 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including one or several processors and various peripherals. It can be used to launch...

CVE-2021-46887

Lack of length check vulnerability in the HWKEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read...

CVE-2022-20385

a function called 'nlaparse', do not check the len of para, it will check nlatype which can be controlled by userspace with 'maxtype' in this case, it is GSCANMAX, then it access polciy array 'policytype', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819...

PT-2022-14610 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions affected versions not specified Description: The issue is related to a function called nla parse, which fails to check the length of a parameter, allowing userspace to control nla type. This can lead to out-of-bounds OOB acce...