CVE-2026-7764

The CVE-2026-7764 issue affects Morse Micro HaLowLink 2 prior to 2.11.12, specifically the morse.ko HaLow Wi‑Fi kernel driver. An out-of-bounds heap read can be triggered by malformed Vendor Information Elements in 802.11ah beacon/probe responses. The root cause is that morse_vendor_find_vendor_i...

OESA-2026-2435 dnsmasq security update

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...

CVE-2026-43025

CVE-2026-43025 affects the Linux kernel netfilter component. A local attacker can trigger a slab-out-of-bounds read when creating new expectations by supplying a non-master conntrack helper, potentially enabling information disclosure from kernel memory. The issue is described across multiple sou...

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

DEBIAN-CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

PT-2026-2608

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc2-enjuk-tnguy-00378-g3005f5b77652-dirty Description The Linux kernel contains off-by-one errors in the iavf config rss reg function when configuring RSS hash key and lookup table. These errors can lead t...

RLSA-2026:0126 Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Out-of-Bounds Read in Poppler CVE-2025-32365 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

CVE-2022-50709

CVE-2022-50709 concerns the Linux kernel’s wifi/ath9k path where ath9k_hif_usb_rx_stream() can allocate skb with uninitialized memory because pkt_len is not validated before use in ath9k_htc_rx_msg(). The patch described resolves the issue by validating pkt_len prior to access in ath9k_htc_rx_msg...

CVE-2025-67749

CVE-2025-67749 affects PCSX2 up to version 2.5.377. The issue arises from an unchecked offset and size used in a memcpy inside CDVD SCMD 0x91 and 0x8F handlers, allowing an specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory (offset/size controlled via MG heade...

CVE-2025-40246 xfs: fix out of bounds memory read error in symlink repair

In the Linux kernel, the following vulnerability has been resolved: xfs: fix out of bounds memory read error in symlink repair xfs/286 produced this report on my test fleet: ================================================================== BUG: KFENCE: out-of-bounds read in memcpyorig+0x54/0x110...

EUVD-2017-15046

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an attribute entry in the spics42l43 module that is not terminated with null, which could result in a memory rea...

TencentOS Server 3: libXpm (TSSA-2024:0181)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0181 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0147: libX11 (ALINUX3-SA-2024:0147)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0147 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-43785: A vulnerability was found ...

Astra Linux - уязвимость в openssl

Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of...

PT-2025-6301 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a denial-of-service vulnerability in the Internet Connection Sharing ICS function of Windows operating systems. It involves a memory reading error beyond the allowed...

PT-2025-1169 · Microsoft · Windows Digital Media +1

Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to a component of the Windows operating system, specifically Digital Media, and involves a memory reading error beyond the allowed range. This can be...

PT-2025-1170 · Microsoft · Windows Digital Media +1

Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to a component of Windows Digital Media and involves a memory reading error beyond the allowed range. This can potentially allow an attacker to elevate...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a logic error in the geniseclktblget function in the soc: qcom: geni-se module's checking of frequencies i...

Oracle Linux 9 : libX11 (ELSA-2024-2145)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2145 advisory. - Fix CVE-2023-43785: out-of-bounds memory access in XkbReadKeySyms - Fix CVE-2023-43786: stack exhaustion from infinite recursion in PutSubImage Tenab...