SUSE SLED15 / SLES15 Security Update : libpng12 (SUSE-SU-2026:1716-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1716-1 advisory. Update to version 1.2.59 jscPED-16191. Security issues : - CVE-2017-12652: missing chunk length check can lead...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from accessing iniei + 5 before the length check in rtwrestructwmmie, potentially leading to...

CLSA-2026-1778020045 binutils: Fix of CVE-2021-3826

CVE-2021-3826: fix heap/stack buffer overflow in dlanglname libiberty d-demangle.c via missing length check in dlangsymbolbackref...

Security update for freerdp2

This update for freerdp2 fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

SUSE-SU-2026:1633-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

CVE-2026-21434 webtransport-go affected by Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION Capsule

webtransport-go is an implementation of the WebTransport protocol. From 0.3.0 to 0.9.0, an attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WTCLOSESESSION capsule containing an excessively large Application Error Message. The implementation...

CVE-2022-33283

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check...

EUVD-2026-0807

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes via malformed NAS...

CVE-2024-56426

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to out-of-bounds writes via malformed USB packets to the target...

CVE-2025-27374

An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a length check leads to out-of-bounds writes...

EUVD-2021-9937

Malicious code in bioql PyPI...

CVE-2025-26432

In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-26432

In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-26432

CVE-2025-26432: A DoS vulnerability in Google Android arises from missing length checks in multiple locations, allowing local denial of service with no extra privileges and no user interaction. The issue is described across multiple CVE feeds; Android bulletin details assignability to patch level...

CVE-2025-26432

In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-26432

In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2025-36013

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A missing length check in multiple locations may allow for a persistent denial-of-service DoS condition on the device. Exploitation of this issue could lead to a local denial of service without...

SAMSUNG Exynos 2400和SAMSUNG Exynos 1480 缓冲区错误漏洞

SAMSUNG Exynos 2400 and SAMSUNG Exynos 1480 are both cell phone chip processors from Samsung South Korea. A security vulnerability exists in the SAMSUNG Exynos 2400 and SAMSUNG Exynos 1480 that stems from a missing length check that could lead to out-of-bounds writes...

ASB-A-386802855

In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2021-22761

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in disclosure of information or remote code e+F15xecution due to missing length check on user supplied data, when a malicious...