17 matches found
CVE-2026-5466
CVE-2026-5466 affects wolfSSL’s ECCSI verifier wc_VerifyEccsiHash, which decodes r and s without validating they lie in [1, q-1]. This could allow forging a signature to verify against any message for any identity using publicly-known constants. Connected docs confirm the root cause: missing sani...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the nfsd4_decode_compound function that does not perform range checking, which could lead to out-of-bounds rea...
CVE-2023-20843
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119...
CVE-2023-20841
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441...
CVE-2023-20840
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430...
CVE-2023-20848
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433...
CVE-2023-32839
In dpe, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262576; Issue ID: ALPS07262576...
kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt. When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check for ip should be done later, but...
PT-2023-24067 · Dpe · Dpe
Name of the Vulnerable Software and Affected Versions: dpe affected versions not specified Description: The issue is related to a possible out of bounds write due to missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User...
CVE-2023-20840
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of valid range checking in imgsys_cmdq, which may result in out-of-bounds reads...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of valid range checking in imgsys_cmdq, which may result in out-of-bounds reads...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips, which stems from a lack of valid range checking in imgsys, which may result in read and write out-of-bounds conditions...
PT-2023-17673 · Unknown · Imgsys Cmdq
Name of the Vulnerable Software and Affected Versions: imgsys cmdq affected versions not specified Description: In imgsys cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User...
PT-2023-17665 · Imgsys · Imgsys
Name of the Vulnerable Software and Affected Versions: imgsys affected versions not specified Description: The issue is related to a possible out of bounds write due to missing valid range checking in imgsys. This could lead to local escalation of privilege, requiring System execution privileges...
Debian: Security Advisory (DLA-383-1)
The remote host is missing an update for the Debian...
Debian DSA-3452-1 : claws-mail - security update
'DrWhax' of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account of a user that receives a message from them using Claws Mail...