Lucene search

60 matches found

Vulnrichment
added 2026/05/19 9:55 p.m., 2 views

CVE-2023-7345 Ledger Live hw-app-eth EIP-712 Message Parsing Integer Truncation

Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...

6.9 CVSS, 5.8 AI score, 0.00031 EPSS
Exploits: 0, References: 2

CNNVD
added 2026/04/16 12:0 a.m., 3 views

Rsync Security Vulnerability

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync from 3.0.1 to 3.4.1 contain security vulnerabilities. These vulnerabilities stem from the use of untrusted length values in the receivexattr function during the...

7.8 CVSS, 5.8 AI score, 0.00027 EPSS
Exploits: 1, References: 1

SUSE CVE
added 2026/02/07 12:24 a.m., 2 views

SUSE CVE-2026-24738

gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...

6.5 CVSS, 5.3 AI score, 0.00008 EPSS
Exploits: 0, References: 3

OSV
added 2026/01/27 9:8 p.m., 2 views

CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values

gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...

5.9 CVSS, 5.8 AI score, 0.00008 EPSS
Exploits: 0, References: 5

Vulnrichment
added 2026/01/27 9:8 p.m., 3 views

CVE-2026-24738 gmrtd ReadFile Vulnerable to Denial of Service via Excessive TLV Length Values

gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...

5.9 CVSS, 5.8 AI score, 0.00008 EPSS
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2008-1384

Malware in sbrugna...

9 CVSS, 9.1 AI score, 0.02373 EPSS
Exploits: 0, References: 57

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2021-12555

Malware in sbrugna...

8.7 CVSS, 7.6 AI score, 0.00709 EPSS
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2018-11349

Malware in sbrugna...

5.7 CVSS, 6.9 AI score, 0.00206 EPSS
Exploits: 0, References: 7

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-6217

Malware in sbrugna...

5.3 CVSS, 6.4 AI score, 0.02859 EPSS
Exploits: 0, References: 16

Tenable Nessus
added 2025/08/10 12:0 a.m., 1 views

Linux Distros Unpatched Vulnerability : CVE-2018-19665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. CVE-2018-19665 Note that Nessus relies on the...

5.7 CVSS, 6.9 AI score, 0.00206 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2025/05/22 9:5 p.m., 5 views

CVE-2021-42917

Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attackers to cause a denial of service due to improper length of values passed to istream...

5.5 CVSS, 6.8 AI score, 0.00266 EPSS
Exploits: 1

OSV
added 2025/05/16 1:15 p.m., 1 views

DEBIAN-CVE-2025-40907

FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...

5.3 CVSS, 6.3 AI score, 0.00758 EPSS
Exploits: 1, References: 1

F5 Networks
added 2024/11/22 9:6 p.m., 16 views

K000148693: libssh2 vulnerability CVE-2015-1782

Security Advisory Description The kexagreemethods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service crash or have other unspecified impact via crafted length values in an SSHMSGKEXINIT packet. CVE-2015-1782 Impact There is no impact; F5 products are not affected ...

6.8 CVSS, 6.7 AI score, 0.04133 EPSS
Exploits: 0

Tenable Nessus
added 2024/04/17 12:0 a.m., 23 views

Amazon Linux 2023 : xorg-x11-server-common, xorg-x11-server-devel, xorg-x11-server-source (ALAS2023-2024-583)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-583 advisory. A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially...

7.8 CVSS, 7.2 AI score, 0.00123 EPSS
Exploits: 0, References: 8

OSV
added 2024/04/15 11:15 a.m., 0 views

CVE-2024-23911

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet...

7.5 CVSS, 5.8 AI score, 0.00216 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2024/04/04 8:37 a.m., 21 views

CVE-2024-31080

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

7.3 CVSS, 7.5 AI score, 0.00123 EPSS
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 6:14 a.m., 1 views

SUSE CVE-2006-4805

epan/dissectors/packet-xot.c in the XOT dissector dissectxotpdu in Wireshark formerly Ethereal 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service memory consumption and crash via an encoded XOT packet that produces a zero length value when it is decoded...

5 CVSS, 6.8 AI score, 0.05006 EPSS
Exploits: 0, References: 4

SUSE CVE
added 2023/02/15 6:5 a.m., 1 views

SUSE CVE-2008-5904

The rdprdpprocesscolorpointerpdu function in rdp/rdprdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow...

7.5 CVSS, 7.4 AI score, 0.02817 EPSS
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 5:6 a.m., 1 views

SUSE CVE-2016-2378

A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious server or an unfiltered malicious user can send negative length...

8.1 CVSS, 7.4 AI score, 0.03242 EPSS
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 4:21 a.m., 1 views

SUSE CVE-2018-19665

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption...

6.4 CVSS, 8.3 AI score, 0.00206 EPSS
Exploits: 0, References: 12