600 matches found
busybox: Fix of 4 CVEs
CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding - CVE-2017-16544: reject terminal control sequences in shell tab completion - CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths - CVE-2019-5747: validate DHCPSUBNET option length before decoding...
PT-2026-35139
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In openvswitch, the validate set function accepted OVS KEY ATTR MPLS as a variable-sized payload for SET and SET MASKED actions. However, action handling expects fixed-size MPLS key data...
CVE-2026-31641
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...
USN-8206-1: OpenMPT vulnerability
Antonio Morales Maldonado discovered that OpenMPT did not properly limit the length of strings in certain cases, leading to a buffer overflow. An attacker could possibly use this issue to cause OpenMPT to crash, resulting in a denial of service...
Nimiq 安全漏洞
Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from a panic being triggered by HistoryTreeProof::verify in the nimiq-transaction when processing proofs with incorrect formats...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013738)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013738 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c...
GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser
A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011146)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011146 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c...
GStreamer: GStreamer: Remote Code Execution via heap-based buffer overflow in JPEG parser
A flaw was found in GStreamer. A remote attacker can exploit a heap-based buffer overflow vulnerability in the GStreamer JPEG parser by providing a specially crafted JPEG file. This issue is caused by improper validation of Huffman table lengths, which can lead to arbitrary code execution in the...
EUVD-2025-209528
Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or...
Firebird 安全漏洞
Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, offering multiple ANSI SQL-92 features. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the lack of validation...
GHSA-3G92-F9CH-QJCM Plonky3: The sponge construction used to get a hash function from a cryptographic permutation is not collision resistant for inputs of different lengths
Vulnerability Currently, when hashing, if the number of elements to hash is not a multiple of the rate, hashiter pads by elements of the current state. This means that it is possible to create iterators of different lengths which lead to an identical hashed state. Given a simple example using a...
CVE-2026-40253
openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the MakeTable in the decompression routine when bit-length values from a crafted firmware blob exceed the expected range, leading to stack memory corruption in the Count array and related decode tables. An...
UEFI Firmware Parser has a stack out-of-bounds write in tiano decompressor MakeTable
uefi-firmware contains a stack out-of-bounds write vulnerability in the native tiano/EFI decompressor. in uefifirmware/compression/Tiano/Decompress.c, MakeTable does not validate that bit-length values read from the compressed bitstream are within the expected range 0..16. a crafted firmware blob...
thunderbird: Out of bounds read in IMAP parsing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...
thunderbird: Out of bounds read in IMAP parsing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...
thunderbird: Out of bounds read in IMAP parsing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...
thunderbird: Out of bounds read in IMAP parsing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...
thunderbird: Out of bounds read in IMAP parsing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...