The vulnerability of the set_qos() function in the internet.cgi script of the Wavlink AC3000 router microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the setqos function in the internet.cgi script of the Wavlink AC3000 WL-WN533A8 router microprogramming system is related to the escape of operations from the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending...

The vulnerability of the Intel PROSet/Wireless WiFi networking utility lies in the fact that operations are performed outside the buffer in memory, allowing a malicious actor to cause a service failure.

The vulnerability of the Intel PROSet/Wireless WiFi networking connectivity tool is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the grub_mofile_open() function for the .mo file of the Grub2 operating system allows a hacker to circumvent existing security restrictions and expose protected information.

The vulnerability of the grubmofileopen function for the .mo file of the Grub2 operating system is related to reading beyond the buffer limit in memory. Exploiting this vulnerability could allow an attacker to bypass existing security restrictions and disclose sensitive information...

CVE-2025-1864

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before 5.9.9...

CVE-2025-1866

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

UBUNTU-CVE-2025-1864

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before 5.9.9...

CVE-2025-1866

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32...

CVE-2025-1866

CVE-2025-1866 affects warmcat libwebsockets in Win32 builds, with memory safety risk from improper Restriction of Operations within the Bounds of a Memory Buffer leading to pointer manipulation and potential out-of-bounds access in versions prior to 4.3.4. The issue is triggered by specific CMake...

CVE-2025-1864

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before 5.9.9...

The vulnerability of PDF-XChange Editor’s document viewing and editing software lies in the possibility of an operation going beyond the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created JB2 file...

The vulnerability of UEFI microprogramming systems of Intel processors allows a hacker to gain unauthorized access to protected information.

The vulnerability of Intel UEFI microprogramming systems lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3635)

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tsttimer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 ...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3625)

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlinkparamset/devlinkparamget of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3565)

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function deltimer of the file drivers/isdn/mISDN/l1oipcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3545)

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function areacacheget of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfpcppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3649)

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfsnewinode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch t...

The vulnerability of the set_ws_action() function in the microprogramming software of the D-Link DAP-1320 wireless signal booster allows a intruder to trigger a service failure.

The vulnerability of the setwsaction function in the microprogramming software of the D-Link DAP-1320 wireless signal amplifier is related to the output of operations that go beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

Siemens SIMATIC Devices Linux Kernel Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-3564)

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...

Advisory ROSA-SA-2025-2721

Software: zlib 1.2.11 OS: ROSA Virtualization 3.0 packageevrstring: zlib-1.2.11 CVE-ID: CVE-2022-37434 BDU-ID: 2022-05325 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the inflate.c component of the zlib library is related to an operation exceeding buffer boundaries in memory. Exploitation of...

The vulnerability of the Simple Network Management Protocol (SNMP) implementation in Cisco IOS and Cisco IOS XE operating systems allows a attacker to induce a service failure.

The vulnerability of the Simple Network Management Protocol SNMP implementation in Cisco IOS and Cisco IOS XE operating systems is related to the escape of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to trigger a service failure remotely...