35 matches found
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-019019)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-019019 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Tenable...
Incorrect Privilege Assignment
Overview: Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the CapFQDN.DecodeFromBytes function of the BGP OPEN Message Handler. An attacker can bypass intended access controls by manipulating the domainNameLen argument remotely, potentially resulting in...
OpenAirInterface Security Vulnerability
OpenAirInterface is a mobile communication network software platform developed by the French company OpenAirInterface. Version OpenAirInterface V2.2.0 contains a security vulnerability; this vulnerability stems from failed decoding of messages, which may lead to an AMF crash...
EUVD-2018-12609
Malware in sbrugna...
EUVD-2024-19163
Malicious code in bioql PyPI...
EUVD-2024-19162
Malicious code in bioql PyPI...
EUVD-2023-28498
Malicious code in bioql PyPI...
PT-2025-19866 · Qualcomm · Snapdragon +28
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue involves memory corruption that occurs during the decoding of Over-The-Air OTA messages from T3448 IE. This corruption happens due to a problem in the decoding process of these...
CVE-2024-21453
Transient DOS while decoding message of size that exceeds the available system memory...
OESA-2024-2503 golang security update
Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. CVE-2024-34156...
PT-2024-29281 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG, affected versions not specified. Description: An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The issue exists in the...
ALSA-2024:9456 Important: osbuild-composer security update
A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...
squid: Denial of Service in HTTP Chunked Decoding
A flaw was found in Squid. This issue may allow a remote attacker to trigger an uncontrolled recursion bug when sending a specially crafted, chunked, encoded HTTP Message, resulting in a denial of service...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service when decoding messages whose size exceeds the available system memory...
SUSE CVE-2023-2794
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check f...
SUSE CVE-2023-4235
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...
PT-2023-9381 · Ofono +4 · Ofono +4
Name of the Vulnerable Software and Affected Versions: ofono, affected versions not specified. Description: A stack-based buffer overflow flaw exists in the decode deliver function within ofono, an Open Source Telephony on Linux, during SMS decoding. The issue arises from a missing bound check...
CVE-2023-24480 Controller stack overflow when decoding messages from the server
Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning...
CVE-2023-24480
CVE-2023-24480 describes a DoS caused by a stack overflow when decoding a server message in Honeywell Experion PKS, LX, and PlantCruise. Connected sources indicate the vulnerability can be exploited remotely (low attack complexity) and affect Honeywell products; Honeywell’s advisory notes upgradi...