28 matches found
CVE-2026-43034
In the Linux kernel, the following vulnerability has been resolved: bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctxarr and...
CVE-2026-43034
In the Linux kernel, the following vulnerability has been resolved: bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctxarr and...
CVE-2026-43034 bnxt_en: set backing store type from query type
In the Linux kernel, the following vulnerability has been resolved: bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctxarr and...
EUVD-2026-26633
In the Linux kernel, the following vulnerability has been resolved: bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctxarr and...
PT-2026-36451
In the Linux kernel, the following vulnerability has been resolved: bnxt en: set backing store type from query type bnxt hwrm func backing store qcaps v2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctx arr...
CVE-2026-27143
Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...
CVE-2026-27143
Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption...
SUSE CVE-2026-33487
goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version,...
Linux Distros Unpatched Vulnerability : CVE-2026-33487
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the validateSignature function in validate.go goes through the references in...
GO-2026-4753 Loop Variable Capture Signature Bypass in goxmldsig in github.com/russellhaering/goxmldsig
Loop Variable Capture Signature Bypass in goxmldsig in github.com/russellhaering/goxmldsig...
CVE-2026-33487
goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version,...
CVE-2026-33487
The connected GHSA entry details a concrete vulnerability in goxmldsig: the validateSignature loop captures the loop variable by reference (ref = &_ref) when iterating signedInfo.References, causing the ref pointer to alias the last element. This can let an attacker substitute one referenced elem...
CVE-2026-33487 goxmldsig has validateSignature Loop Variable Capture Signature Bypass
goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version,...
CVE-2026-33487 goxmldsig has validateSignature Loop Variable Capture Signature Bypass
goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version,...
CVE-2026-33487 goxmldsig has validateSignature Loop Variable Capture Signature Bypass
goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version,...
validateSignature Loop Variable Capture Signature Bypass in goxmldsig
Details The validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version, there is a loop variable capture issue. The code takes the address of the...
GHSA-479M-364C-43VC validateSignature Loop Variable Capture Signature Bypass in goxmldsig
Details The validateSignature function in validate.go goes through the references in the SignedInfo block to find one that matches the signed element's ID. In Go versions before 1.22, or when go.mod uses an older version, there is a loop variable capture issue. The code takes the address of the...
PT-2026-26773
Name of the Vulnerable Software and Affected Versions goxmlsig versions prior to 1.6.0 goxmlsig versions prior to 1.22 when using older Go versions or go.mod versions Description The validateSignature function in validate.go has a loop variable capture issue in Go versions before 1.22, or when...
EUVD-2019-2339
Malware in sbrugna...
CVE-2019-10535
Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...