EUVD-2026-31439

vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application lacks a runtime check on the length of history entries in release builds, potentially allowing a crafted long path or command in the...

Linux Distros Unpatched Vulnerability : CVE-2026-43190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xttcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xttcpmss.c lines 53-68, the TCP option parser reads opi+1...

CVE-2025-70067

Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy without runtime length validation...

Astra Linux - уязвимость в ofono

A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug was triggered within the decodesubmitreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

EUVD-2026-17210

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

GHSA-8X3W-QJ7J-GQHF openmls has improper tag validation

Membership and confirmation tags may not be checked correctly due to a missing length check. Any tag that is shorter than the expected tag, but matches up to its length, as well as any empty tag is considered valid. Impact The vulnerability affects a secondary authentication guarantee that MLS...

CVE-2025-27807

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS...

CVE-2025-27807

The CVE-2025-27807 entry describes an out-of-bounds write caused by missing length checks in multiple Samsung Exynos-based devices (Mobile Processor, Wearable Processor, and Modem families: Exynos 980/990/850/1080/2100/1280/2200/1330/1380/1480/2400/1580/9110, W920/W930/W1000, Modems 5123/5300/540...

PT-2025-47921

Name of the Vulnerable Software and Affected Versions Fluent Bit versions affected versions not specified Description The extract name function within the in docker input plugin of Fluent Bit contains a buffer overflow issue. This occurs because the function copies container names into a fixed-si...

CVE-2025-27374

An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes...

CVE-2025-27374

CVE-2025-27374 affects Samsung’s Secure Boot component on Exynos Mobile/Wearable Processors (models listed in the document). The issue is a missing length check that can lead to out-of-bounds writes. The connected records repeatedly describe the same flaw but do not provide concrete exploit detai...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service that may occur when the driver parses each STA profile IE and attempts to access the EXTN element ID without checking the IE length...

PT-2025-30775

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the virtio-net module. Specifically, a missing check in the xdp linearize page function allows for an out-of-bound read when processing buffers fr...

OESA-2023-1524 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including one or several processors and various peripherals. It can be used to launch...

CVE-2022-20385

a function called 'nlaparse', do not check the len of para, it will check nlatype which can be controlled by userspace with 'maxtype' in this case, it is GSCANMAX, then it access polciy array 'policytype', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819...

PT-2022-14610 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions affected versions not specified Description: The issue is related to a function called nla parse, which fails to check the length of a parameter, allowing userspace to control nla type. This can lead to out-of-bounds OOB acce...

PT-2022-10405 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to a possible out of bound read due to the lack of a length check of data length for a DIAG event. This affects various Qualcomm Snapdragon products,...

python-rsa: decryption of ciphertext leads to DoS

A flaw was found in the python-rsa package, where it does not explicitly check the ciphertext length against the key size and ignores the leading 0 bytes during the decryption of the ciphertext. This flaw allows an attacker to perform a ciphertext attack, leading to a denial of service. The highe...

DEBIAN-CVE-2020-12284

cbsjpegsplitfragment in libavcodec/cbsjpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEGMARKERSOS handling because of a missing length check...