PT-2026-7630

Name of the Vulnerable Software and Affected Versions OpenSatKit version 2.2.1 Description The software contains a buffer overflow issue due to the use of sprintf without proper length checking when formatting filenames into the EventErrStr buffer. The EventErrStr buffer is fixed at 256 bytes. Th...

SAMSUNG多款产品 安全漏洞

SAMSUNG Wearable Processor and others are products of the South Korean company Samsung.SAMSUNG Wearable Processor is a series of wearable processors.SAMSUNG Exynos 990 is a mobile processor.SAMSUNG Exynos 850 is a mobile processor. SAMSUNG Exynos 850 is a mobile processor. A security vulnerabilit...

CVE-2025-55081 Potential out of bound read in _nx_secure_tls_process_clienthello()

In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...

SUSE CVE-2023-43114

An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFontFromData, then it can cause the application to crash because of missing length check...

Huawei HarmonyOS 缓冲区错误漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer error vulnerability exists in Huawei HarmonyOS versions prior to 2.0, which stems from a lack of length checking vulnerability in the HWKEYMASTER...

多款Qualcomm产品授权问题漏洞

The Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm, U.S.A. The QCA6574AU is a central processing unit CPU product.The SD 636 is a central processing unit CPU product.The SDM630 is a central processing unit CPU product.The SDM630 is a central processing unit CPU...

CVE-2021-22750

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition Def.exe V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition...

DEBIAN-CVE-2021-27365

An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGESIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum leng...

A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker who can create valid DNS replies could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name() which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq resulting in a denial of service. The highest threat from this vulnerability is to system availability.

...

PT-2020-11996 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.16 Description: An issue was discovered in Joomla! where missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses. Recommendations: For versions...

ImageMagick Denial of Service Vulnerability (CNVD-2019-12133)

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A denial of service vulnerability exists in ImageMagick 7.0.8-11, which stems from the ReadPICTImage function in coders/pict.c and the ReadDCMImage function in...