EUVD-2026-28756

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkcthelper: fix OOB read in nfnlcthelperdumptable nfnlcthelperdumptable has a 'goto restart' that jumps to a label inside the for loop body. When the "last" helper saved in cb-args1 is deleted between dump round...

CVE-2026-43449

CVE-2026-43449 concerns the Linux kernel NVMe PCI driver. The issue is a slab-out-of-bounds write in nvme_dbbuf_set caused by an incorrect loop bound when indexing dev->online_queues; index 0 (admin queue) is excluded, but the loop could overrun. The vulnerability is evidenced by KASAN reports...

EUVD-2021-31330

Malicious code in bioql PyPI...

CVE-2025-38538 dmaengine: nbpfaxi: Fix memory corruption in probe()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe The nbpf-chan array is allocated earlier in the nbpfprobe function and it has "numchannels" elements. These three loops iterate one element farther than they should and corrupt...

CVE-2025-38538

CVE-2025-38538 : In the Linux kernel DMA engine nbpfaxi, memory corruption could occur due to out-of-bounds access in nbpf_probe() where nbpf->chan[] is allocated with num_channels elements but three loops could index one past the end. The second loop copies data from irqbuf[] to nbpf->chan...

kernel: net: atlantic: fix aq_vec index out of range error

A vulnerability was found in the Linux kernel's Aquantia Atlantic driver, where a lack of proper bounds checking during loop indexing can lead to an out-of-bounds access. This can lead to undefined system behavior and a denial of service...

PT-2025-30777

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the rose rt device down function related to dangling neighbour pointers. Two bugs exist: modification of the loop bound t-count within a loop,...

CVE-2024-50129 net: pse-pd: Fix out of bound for loop

In the Linux kernel, the following vulnerability has been resolved: net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. The loop should not reach the index pcdev-nrlines since we allocate exactly pcdev-nrlines number of P...

SUSE CVE-2017-9346

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit...

FIS GT.M Denial of Service Vulnerability (CNVD-2022-32791)

FIS GT.M is a database platform. A security vulnerability exists in versions prior to FIS GT.M V7.0-000, which can be exploited by an attacker to potentially cause a loop's bounds to be miscalculated through the use of carefully crafted inputs, which could result in the use of a loop to push a...

UBUNTU-CVE-2021-44497

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, can cause the bounds of a for loop to be miscalculated, which leads to a use after free condition a pointer is pushed into previously free memory by the loop...

SUSE-SU-2021:1165-1 Security update for glibc

This update for glibc fixes the following issues: - CVE-2020-27618: Accept redundant shift sequences in IBM1364 bsc1178386 - CVE-2020-29562: Fix incorrect UCS4 inner loop bounds bsc1179694 - CVE-2020-29573: Harden printf against non-normal long double values bsc1179721 - Check vector support in...

OPENSUSE-SU-2021:0358-1 Security update for glibc

This update for glibc fixes the following issues: - Fix buffer overrun in EUC-KR conversion module CVE-2019-25013, bsc1182117, BZ 24973 - x86: Harden printf against non-normal long double values CVE-2020-29573, bsc1179721, BZ 26649 - gconv: Fix assertion failure in ISO-2022-JP-3 module...

UBUNTU-CVE-2017-9346

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit...

DEBIAN-CVE-2017-9346

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit...

ALPINE-CVE-2017-9346

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit...

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities

iDefense Security Advisory 01.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 15, 2008 I. BACKGROUND TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can b...