PT-2026-41241

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

ROS-20260515-73-0043

A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information using a specially crafted HTML page...

ROS-20260515-73-0037

A vulnerability in the WebML component of Google Chrome and Microsoft Edge browser is related to an operation exceeding memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

Improper Memory Buffer Handling

uuid is vulnerable to Improper Memory Buffer Handling. The vulnerability is due to missing validation of buffer size and offset values during UUID generation, which allows an attacker to trigger silent partial writes into caller-provided buffers...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Flexense Syncbreeze

Descripti...

CVE-2026-43462

CVE-2026-43462 affects the Linux kernel spacemit network driver. An error in the function emac_tx_mem_map() could leak DMA mappings on a mapping failure. This resource mismanagement may lead to a denial of service, impacting system availability. The published fix frees the leaked DMA mappings usi...

Linux Distros Unpatched Vulnerability : CVE-2026-43318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: fix sync handling in amdgpudmabufmovenotify Invalidating a dmabuf will impact other users of the shared BO. In the scenario where process A moves th...

ROS-20260508-73-0015

A vulnerability in the ngxhttpmp4module module of the NGINX Plus and NGINX Open Source HTTP server is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service or execute arbitrary code...

CVE-2026-43279

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB audio subsystem. An inconsistency in how USB audio playback and capture streams are handled can lead to an out-of-bounds write to a memory buffer. This can result in a system crash, causing a denial of service for a...

CVE-2026-43283 net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ecbhf: Fix dmafreecoherent dma handle dmafreecoherent in error path takes priv-rxbuf.alloclen as the dma handle. This would lead to improper unmapping of the buffer. Change the dma handle to priv-rxbuf.allocphys...

CVE-2026-43266

The CVE-2026-43266 issue affects the Linux kernel’s ARM CPER/APEI handling: a CPER record with an oversized section_length can cause the kernel to read beyond the intended firmware buffer, leading to a large data dump and potential memory access issues. The fix adds a guard so the kernel stops at...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from RDMA umem canceling the fixed dmabuf twice in a failed path, potentially leading to resource...

Linux Distros Unpatched Vulnerability : CVE-2026-43128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/umem: Fix double dmabufunpin in failure path In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages can fail. If this occurs, the dmabuf i...

Linux Distros Unpatched Vulnerability : CVE-2026-43184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: qat – validate the slice count returned by the firmware. The function adfsendadmintlstart enables the telemetry TL feature on a QAT device by sending the ICPQATFWTLSTART message to the firmware. This triggers the firmware...

CVE-2026-43044

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as...

JLSEC-2026-321

HDF5 Library through 1.14.3 has a heap buffer overflow in H5Omtimenewencode in H5Omtime.c...

ROS-20260429-73-0026

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

JLSEC-2026-288 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo...

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in OSGeo gdal frmts/zlib/contrib/infback9 modules. This vulnerability is associated with program files inftree9.C‎. This issue affects gdal: before 3.11.0...

CVE-2026-31448

A flaw was found in the Linux kernel's ext4 filesystem. When creating a directory or node, if an extent insertion fails, the system may not properly clear residual data. This can lead to a situation where both directory and extended attribute xattr blocks simultaneously use the same memory buffer...