PT-2026-47776

Name of the Vulnerable Software and Affected Versions 389 Directory Server affected versions not specified Description A flaw exists in the LDIF parser where it reads past the end of a heap buffer when processing attribute types that contain trailing semicolons during a database import. This...

CVE-2026-7764

The CVE-2026-7764 entry documents an out-of-bounds read in Morse Micro HaLowLink 2 software (versions prior to 2.11.12) affecting the morse.ko HaLow Wi‑Fi kernel driver. An unauthenticated attacker within radio range can trigger a heap out-of-bounds read (up to 9 bytes) or a Denial of Service by ...

OESA-2026-2435 dnsmasq security update

Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portabl...

CVE-2026-43025

CVE-2026-43025 affects the Linux kernel netfilter component. A local attacker can trigger a slab-out-of-bounds read when creating new expectations by supplying a non-master conntrack helper, potentially enabling information disclosure from kernel memory. The issue is described across multiple sou...

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

DEBIAN-CVE-2026-5441

An out-of-bounds read vulnerability exists in the DecodePsmctRle1 function of DicomImageDecoder.cpp. The PMSCTRLE1 decompression routine, which decodes the proprietary Philips Compression format, does not properly validate escape markers placed near the end of the compressed data stream. A crafte...

PT-2026-2608

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc2-enjuk-tnguy-00378-g3005f5b77652-dirty Description The Linux kernel contains off-by-one errors in the iavf config rss reg function when configuring RSS hash key and lookup table. These errors can lead t...

RLSA-2026:0126 Moderate: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Out-of-Bounds Read in Poppler CVE-2025-32365 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

CVE-2022-50709

CVE-2022-50709 concerns the Linux kernel’s wifi/ath9k path where ath9k_hif_usb_rx_stream() can allocate skb with uninitialized memory because pkt_len is not validated before use in ath9k_htc_rx_msg(). The patch described resolves the issue by validating pkt_len prior to access in ath9k_htc_rx_msg...

CVE-2025-67749

CVE-2025-67749 affects PCSX2 up to version 2.5.377. The issue arises from an unchecked offset and size used in a memcpy inside CDVD SCMD 0x91 and 0x8F handlers, allowing an specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory (offset/size controlled via MG heade...

CVE-2025-40246 xfs: fix out of bounds memory read error in symlink repair

In the Linux kernel, the following vulnerability has been resolved: xfs: fix out of bounds memory read error in symlink repair xfs/286 produced this report on my test fleet: ================================================================== BUG: KFENCE: out-of-bounds read in memcpyorig+0x54/0x110...

EUVD-2017-15046

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an attribute entry in the spics42l43 module that is not terminated with null, which could result in a memory rea...

TencentOS Server 3: libXpm (TSSA-2024:0181)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0181 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0147: libX11 (ALINUX3-SA-2024:0147)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0147 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-43785: A vulnerability was found ...

The vulnerability of the Linux operating system’s kernel WiFi component, which allows a hacker to trigger a service failure

The vulnerability of the mt7996mcustabfertlv function in the Linux kernel’s Wi-Fi component is related to memory-read errors. Exploiting this vulnerability could allow an attacker to cause a system failure...

Astra Linux – Vulnerability in OpenSSL

Issue summary: Applications that perform certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address, resulting in an abnormal termination of the application process. Impact summary: An abnormal termination of an application can cause a...

PT-2025-6301 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a denial-of-service vulnerability in the Internet Connection Sharing ICS function of Windows operating systems. It involves a memory reading error beyond the allowed...

The vulnerability of the vduse_vdpa_get_config() function in the vDPA driver of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the vdusevdpagetconfig function in the vDPA driver, located in the drivers/vdpa/vdpauser/vdusedev.c file of the Linux kernel, involves reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to cause a service failure...

PT-2025-1169 · Microsoft · Windows Digital Media +1

Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to a component of the Windows operating system, specifically Digital Media, and involves a memory reading error beyond the allowed range. This can be...