Siemens SIMATIC S7-1500 Signed to Unsigned Conversion Error (CVE-2020-6096)

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2025:4057-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4057-1 advisory. The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issu...

PT-2025-46588

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue was identified in the Linux kernel related to exception handling within the copy from user and copy to user functions on the Niagara architecture. The problem stemmed from...

kernel: scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989859)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989859 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexconfigscan Replace one-element...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989691)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989691 advisory. In the Linux kernel, the following vulnerability has been resolved: media: ngene: Fix out-of-bounds bug in ngenecommandconfigfreebuf Fix an 11-year old bug in...

curl: SOCKS5 Heap Buffer Overflow via Malicious HTTP Redirect with Oversized Hostname

Summary: A heap-based buffer overflow vulnerability exists in curl's SOCKS5 proxy handshake implementation when processing HTTP redirects containing hostnames exceeding 255 characters. When curl is configured to use SOCKS5 with hostname resolution socks5h:// scheme and follows an HTTP redirect to...

Siemens SIMATIC Devices Out-of-bounds Write (CVE-2024-35944)

VMCI: Fix memcpy run-time warning in dgdispatchashost This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503777; scriptversion"1.1";...

Linux Distros Unpatched Vulnerability : CVE-2025-62672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in t...

CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

EUVD-2025-35036

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying allows a malicious...

EUVD-2025-35001

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

UBUNTU-CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

CVE-2025-62672

The CVE-2025-62672 issue affects the rplay library up to version 3.3.2, where a flaw in memcpy within the RPLAY_DATA case of rplay_unpack (librplay/rplay.c) can be triggered by crafted packet data without authentication. This may allow a remote attacker to cause a denial of service (SIGSEGV) and ...

kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...

PT-2025-42260

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's mcba usb CAN driver related to handling PF PACKET sockets and CAN XL frames. Specifically, the driver lacks proper MTU validation through the ndo chan...

SUSE CVE-2023-53553

In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still see this one with gcc-9: In file included from include/linux/string.h:254, from...

EUVD-2019-6840

Malware in sbrugna...