210 matches found
CVE-2026-51541
OpENer 2.3.0 (commit 76b95cf) is affected by CVE-2026-51541 due to an out-of-bounds read in CIP message parsing when processing malformed explicit requests with a forged EPath size. An ENIP SendRRData frame carrying a short CIP payload with a larger declared path_size can cause the parser to cont...
CVE-2026-13757
A flaw was found in p11-kit. The RPC message attribute parsing functions p11rpcmessagegetattribute and p11rpcmessagegetattributearrayvalue form a mutually-recursive call chain with no recursion depth limit when processing nested CKAWRAPTEMPLATE, CKAUNWRAPTEMPLATE, and CKADERIVETEMPLATE attributes...
Russh SSH message fields were decoded through allocation-first parsers before field-specific bounds
SSH message fields were decoded through allocation-first parsers before field-specific bounds Summary Several russh client and server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH pe...
CVE-2026-46199 drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vcn3 decoding message parsing process. This process does not check for boundaries, potentiall...
CLSA-2026-1778254557 httpd: Fix of 8 CVEs
CVE-2026-24072: modrewrite/modsetenvif: use APEXPRFLAGRESTRICTED in htaccess to prevent reading server-side files via apexpr from .htaccess - CVE-2026-29169: moddavlock: NULL pointer dereference in davgenericrefreshlocks use dpscan instead of dp - CVE-2026-33006: modauthdigest: timing attack —...
SUSE SLED15 / SLES15 Security Update : protobuf (SUSE-SU-2026:1653-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1653-1 advisory. Refresh fixes: - CVE-2025-4565: parsing of untrusted Protocol Buffers data containing an arbitrary number of...
CVE-2026-33447
CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...
CVE-2026-33447
CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...
CVE-2026-33447
CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a special packet that can overwrite a small portion of memory conceivably leading to memory corruption or denial of service...
CVE-2026-33447
CVE-2026-33447 is a buffer overflow in the Secure Access client’s message parsing function prior to 14.50. An attacker able to control a modified server can send a crafted packet to overwrite a small portion of memory, potentially causing memory corruption or denial of service. Remediation: upgra...
PT-2026-36169
Name of the Vulnerable Software and Affected Versions Secure Access client versions prior to 14.50 Description A buffer overflow exists in a message parsing function of the client. Attackers controlling a modified server can send a specially crafted packet to overwrite a small portion of memory,...
CLSA-2026-1776941204 squid: Fix of CVE-2021-28116
CVE-2021-28116: fix out-of-bounds read in WCCPv2 message parsing via stricter bounds validation of security, service, router, view, and capability items...
CLSA-2026-1776855642 Fix CVE(s): CVE-2019-17498, CVE-2019-3857
SECURITY UPDATE: Integer overflow leading to out-of-bounds write when SSHMSGCHANNELREQUEST packets with exit signal messages are parsed. - debian/patches/CVE-2019-3857.patch: check namelen + 1 does not overflow before allocation in exit-signal handling. - CVE-2019-3857 SECURITY UPDATE: Integer...
EUVD-2025-209243
An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DA...
PT-2026-30703
Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400 Description A Stack-based Buffer Overflow...
NanoMQ 安全漏洞
NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. There is a security vulnerability in NanoMQ, which stems from the use of the hookworkcb function to parse message bodies using cJSONParse. This leads to out-of-bounds read access to unallocated memory...
UBUNTU-CVE-2026-23307
In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...
CVE-2026-23307
In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...
CLSA-2026-1772571803 munge: Fix of CVE-2026-25506
CVE-2026-25506: fix buffer overflow in message parsing and add bounds checks and input validation for address length; prevent leak of cryptographic MAC subkey and forging of arbitrary credentials...