389 matches found
PT-2026-8018
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
UBUNTU-CVE-2026-23092
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...
CVE-2026-23092 iio: dac: ad3552r-hs: fix out-of-bound write in ad3552r_hs_write_data_source
In the Linux kernel, the following vulnerability has been resolved: iio: dac: ad3552r-hs: fix out-of-bound write in ad3552rhswritedatasource When simplewritetobuffer succeeds, it returns the number of bytes actually copied to the buffer. The code incorrectly uses 'count' as the index for null...
CVE-2019-2277
Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, ...
Security update for php8
This update for php8 fixes the following issues: Security fixes: CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode bsc1255710. CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element cou...
CVE-2026-21488
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...
CVE-2026-21488
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...
CVE-2026-21488 iccDEV has Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...
CVE-2026-21488
iccDEV is affected in versions 2.3.1.1 and earlier. The root cause is in CIccTagText::Read, leading to multiple issues: Out-of-bounds Read, Heap-based Buffer Overflow, and Improper Null Termination. The vulnerability is fixed in version 2.3.1.2. According to the connected Red Hat and NVD/OSV reco...
EUVD-2026-1157
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...
CVE-2026-21488 iccDEV has Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination through its CIccTagText::Read function. This issue is fixed in version 2.3.1.2...
PT-2026-1432
Name of the Vulnerable Software and Affected Versions iccDEV versions 2.3.1.1 and below Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are susceptible to an Out-of-bounds Read, Heap-based Buffer Overflow, and Improper...
PT-2026-6162
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write issue exists in the IIO DAC AD3552R-HS driver within the Linux kernel. The issue occurs because the code incorrectly uses a potentially oversized 'count' value as ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993229)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993229 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokva...
UBUNTU-CVE-2022-50871
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...
CVE-2022-50871 wifi: ath11k: Fix qmi_msg_handler data structure initialization
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...
CVE-2022-50871
The CVE-2022-50871 entry concerns the Linux kernel component wifi: ath11k, specifically the qmi_msg_handler data structure initialization. The issue could allow an infinite loop while searching for a handler when a msg-id handler is missing from the handlers array, leading to out-of-bounds access...
CVE-2022-50871 wifi: ath11k: Fix qmi_msg_handler data structure initialization
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix qmimsghandler data structure initialization qmimsghandler is required to be null terminated by QMI module. There might be a case where a handler for a msg id is not present in the handlers array which can lead t...
CVE-2022-50828 clk: zynqmp: Fix stack-out-of-bounds in strncpy`
In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is longer than 15 bytes, string terminated NULL...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992192)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992192 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinitdcmds This patch fixes a...