PT-2026-23039

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...

CVE-2026-3437

CVE-2026-3437 affects Portwell Engineering Toolkits (version 4.8.2). The issue is an improper restriction of operations within the bounds of a memory buffer in the Portwell Toolkits driver, enabling a local authenticated attacker to read and write arbitrary memory. Exploitation could lead to priv...

ASB-A-432728472

In tlsrxmsgsize of tlssw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Use After Free

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Use After Free

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

PT-2026-31530

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description An integer overflow issue exists in the WebRTC component of Google Chrome. A remote attacker could potentially cause an out-of-bounds memory write by using a specially crafted HTML page...

📄 Pillow PSD Parser Out-Of-Bounds Write

Proof of concept exploit that creates a malicious .psd file for Pillow that attempts an out-of-bounds write. This issue is patched in version 12.1.1. ============================================================================================================================================= | Tit...

Linux Distros Unpatched Vulnerability : CVE-2026-2648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF fil...

CVE-2026-2648

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. Chromium security severity: High...

CVE-2026-2648

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. Chromium security severity: High...

CVE-2026-2648

CVE-2026-2648 describes a heap buffer overflow in PDFium used by Google Chrome, allowing a remote attacker to trigger an out-of-bounds memory write via a crafted PDF. Affected product/component: Google Chrome (PDFium). Vulnerable condition: heap buffer overflow in PDFium before Chrome 145.0.7632....

CVE-2026-2648

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. Chromium security severity: High...

SUSE-SU-2026:0498-1 Security update for openssl1

This update for openssl1 fixes the following issues: - CVE-2025-68160: Heap out-of-bounds write in BIOflinebuffer on short writes bsc1256834. - CVE-2025-69420: Missing ASN1TYPE validation in TSRESPverifyresponse function bsc1256837. - CVE-2025-69421: NULL Pointer Dereference in...

CVE-2026-2007

CVE-2026-2007 affects PostgreSQL 18.0 and 18.1 due to a heap buffer overflow in the pg_trgm component, where crafted input strings can write patterns into server memory. The attacker’s control over the byte patterns is limited, and the document notes unknown impacts, with a potential for privileg...

CVE-2026-2007 PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

CVE-2026-20700

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this...

CVE-2025-52534

Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity...

CVE-2025-52534

Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity...

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

CVE-2025-52534

CVE-2025-52534 affects AMD CPUs (AMD EPYC/embedded families) via an improper bound check in CPU microcode. A malicious guest could write to host memory, potentially compromising integrity. Public sources list the vulnerability but do not describe exploited in-the-wild activity; remediation/patch ...