13 matches found
CVE-2026-41664
Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0...
CVE-2026-48686
FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013207)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013207 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may b...
AZL-75020 CVE-2026-0988 affecting package glib 2.71.0-9
A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy, triggering...
CVE-2026-0988
A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy, triggering...
EUVD-2022-55829
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in rpage When PAGESIZE is 64K, if readlogpage is called by logreadrst for the first time, the size of buffer would be equal to DefaultLogPageSize4K.But for buffer operations like memcpy, if the...
PT-2025-42748
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow issue exists in the USB 9pfs transport layer. Inconsistent size validation between packet header parsing and actual data copying allows a malicious USB host to overflow...
kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...
UBUNTU-CVE-2022-50440
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox...
kernel: HID: hyperv: avoid struct memcpy overrun warning
A compiler warning issue was found in the Linux kernel's Hyper-V HID driver that could lead to potential memory safety issues. A local user can trigger this issue when the fortified memcpy implementation detects potential buffer overflows in the mousevsconreceive function, where the compiler cann...
Polaris office 2017 has a memory copy overflow vulnerability
Polaris Office is an office software developed by INFRAWARE in Korea. You can view and edit Word documents, Excel tables, Microsoft Office PowerPoint slides and other commonly used office documents. Polaris office 2017's PWord.exe is the program used to view doc documents, and when opening a doc...
SWFTools memcpy buffer overflow vulnerability
SWFTools is a suite of open source software tools for creating and manipulating SWF files. A memcpy buffer overflow vulnerability exists in swfc in SWFTools. An attacker could exploit this vulnerability to cause a denial of service...
security flaw
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different...