SUSE-SU-2026:2141-1 Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fixed a NULL dereference in ath11kqmim3load. If ab-fw.m3data points to data, then the fw pointer remains null. Furthermore, if m3mem is not allocated, then fw is dereferenced and passed to the ath11kerr function...

openSUSE 16 Security Update : tor (openSUSE-SU-2026:20589-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20589-1 advisory. Changes in tor: - update to 0.4.8.23: Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem...

CVE-2025-39991 wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix NULL dereference in ath11kqmim3load If ab-fw.m3data points to data, then fw pointer remains null. Further, if m3mem is not allocated, then fw is dereferenced to be passed to ath11kerr function. Replace fw-size b...

EUVD-2022-51174

Malicious code in bioql PyPI...

EUVD-2024-2343

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from fbtft not setting memlen correctly, which could result in a warning being triggered...

CVE-2022-48478

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service...

Out-of-bounds Read

node-stringbuilder is vulnerable to Out-of-bounds Read. The vulnerability is due to incorrect memory length calculation when calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. An attacker can return previously allocated memory by providing negativ...

CVE-2024-21524

All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...

CVE-2024-21524

All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...

CVE-2024-21524

The CVE-2024-21524 entry affects the node-stringbuilder package. Affected component: StringBuilder usage in ToBuffer, ToString, or CharAt on non-empty inputs can miscalculate memory length, enabling out-of-bounds reads and potential information disclosure. Impact is described across multiple sour...

StringBuilder for Node.js Security Vulnerability

StringBuilder for Node.js is a simple and fast in-memory string generator for Node.js by Magic Len Personal Developer. A security vulnerability exists in StringBuilder for Node.js, which stems from an incorrect calculation of the memory length and is susceptible to out-of-bounds reads, which can...

CVE-2022-48478

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service...

CVE-2022-48478

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service...

Design/Logic Flaw

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service...

CVE-2022-48478

The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service...

CVE-2022-48478

CVE-2022-48478 affects Huawei HarmonyOS facial recognition TA; multiple connected sources confirm a missing memory length verification in the facial recognition component, which can cause the facial recognition service to throw exceptions. The CVE is rated CRITICAL (CVSS 9.8) with network attack ...

PT-2023-15811 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The facial recognition component of certain products lacks memory length verification. This issue can be exploited to cause exceptions in the facial recognition service...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a missing memory length check vulnerability. Successful exploitation of this...