freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow flaw has been discovered in FreeRDP. In affected versions RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array...

EUVD-2026-16226

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118chargerImpl::handleupdateenergytransfermodes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

CVE-2026-28690

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data...

Google Pixel 安全漏洞

The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability, which stems from out-of-bounds writes due to the lack of bounds checks. This vulnerability may lead to an increase in local privileges...

CVE-2026-28690

ImageMagick contains a stack write buffer overflow in the MNG encoder, affecting versions prior to 7.1.2-16 and 6.9.13-41 due to missing bounds checks that can allow attacker‑controlled data to corrupt the stack. The vulnerability has a CVSS 3.1 base score of 6.9 (MEDIUM) with LOCAL attack vector...

EUVD-2026-9169

In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436995; Issue ID: MSV-5721...

CVE-2026-20441

CVE-2026-20441 affects the MAE component, where a missing bounds check can cause an out-of-bounds write. This could enable local escalation of privilege to System if already present, with no user interaction required. The patch referenced is ALPS10432500 (Issue ID: MSV-5803). No exploitation deta...

PT-2026-22556

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536...

ALPINE-CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVE-2021-0412

In flv extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561366; Issue ID: ALPS05561366...

MediaTek chipsets 安全漏洞

MediaTek Chipsets is a line of chipsets from China's MediaTek Corporation MediaTek. A security vulnerability exists in MediaTek chipsets, which stems from an out-of-bounds write due to a lack of bounds checking, and could lead to local elevation of privilege...

CVE-2023-20761

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628582...

CVE-2018-9388

In storeupgrade and storecmd of drivers/input/touchscreen/stm/ftm4pdc.c, there are out of bound writes due to missing bounds checks or integer underflows. These could lead to escalation of privilege...

MediaTek Chipsets 缓冲区错误漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A buffer error vulnerability exists in MediaTek Chipsets, which stems from the DA module containing a missing bounds-checking issue that could lead to out-of-bounds writes...

MediaTek Chipsets 缓冲区错误漏洞

MediaTek Chipsets are a variety of chips from China's MediaTek Corporation MediaTek. A buffer error vulnerability exists in MediaTek Chipsets, which stems from the secmem module containing a missing bounds-checking issue that could lead to out-of-bounds writes...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from a lack of bounds checking in multiple functions of glproc.c, which can be exploited by an attacker to cause privilege escalation...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from a lack of bounds checking in protocolmiscHwConfigChangeAdapter::GetData's protocolmiscmiscadapter.cpp, which can be exploited by an attacker to cause an...

CVE-2024-41595

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations...

CVE-2024-41595

CVE-2024-41595 affects DrayTek Vigor310 devices up to firmware 4.3.2.6, with a flaw in CGI handling (read/write operations) due to missing bounds checks. This enables a remote attacker to change settings or cause a denial of service via the web UI. Red Hat and NVD corroborate the vulnerability de...

CVE-2024-41595

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations...