kernel: net: sched: act_csum: validate nested VLAN headers

A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...

libssh: libssh: Denial of Service due to malformed SFTP message

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

CVE-2026-34002

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

UBUNTU-CVE-2026-34941

Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, Wasmtime contains a vulnerability where when transcoding a UTF-16 string to the latin1+utf16 component-model encoding it would incorrectly validate the byte length of the input string when performing a bounds chec...

DEBIAN-CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

PT-2026-22417

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0074 Description Vim, an open source command line text editor, has an issue where a heap-based buffer overflow out-of-bounds read can occur in the Emacs-style tags file parsing logic. Processing a specially crafted,...

The vulnerability of the dm thin kernel component in the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the dm thin kernel component in the Linux operating system is related to memory reading beyond the allocated buffer in the getfirstthin function in drivers/md/dm-thin.c. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the domlsd() function in the ls.c file of the FTP server Pure-FTPd allows a hacker to interrupt the user’s connection with the server.

The vulnerability of the domlsd function in the ls.c file of the FTP server Pure-FTPd involves reading data beyond the allowed range of memory. Exploiting this vulnerability could allow a remote attacker to interrupt the user’s connection to the server...

The vulnerability of the check_rstbl() function in the NTFS3 file system of Linux operating systems allows attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the checkrstbl function in the fs/ntfs3/fslog.c file of the NTFS3 file system in the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of t...

The vulnerability of the dlpar_memory_remove_by_index() function in the Linux operating system’s PowerPC PSeries kernel driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dlparmemoryremovebyindex function in the Linux operating system’s PowerPC PSeries kernel memory driver relates to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

PT-2024-21645

Name of the Vulnerable Software and Affected Versions OpenZeppelin Contracts versions prior to 4.9.6 OpenZeppelin Contracts versions prior to 5.0.2 Description The Base64.encode function in OpenZeppelin Contracts encodes a bytes input by iterating over it in chunks of 3 bytes. When this input is...

PT-2023-6675 · Siemens · Solid Edge Se2022 +1

Name of the Vulnerable Software and Affected Versions: Solid Edge SE2022 versions prior to V222.0MP12 Solid Edge SE2023 versions prior to V223.0Update2 Description: The issue is related to an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This...

ISC BIND 缓冲区错误漏洞

ISC BIND is the United States ISC company's set of open source software that implements the DNS protocol. ISC BIND suffers from a buffer overflow vulnerability that originates when reusing an HTTP connection to request statistics from the stats channel, where the length of the contents of...

CVE-2021-26388

Improper validation of the BIOS directory may allow for searches to read beyond the directory table copy in RAM, exposing out of bounds memory contents, resulting in a potential denial of service...