CVE-2025-39943 ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: validate dataoffset and datalength field of smbdirectdatatransfer If dataoffset and datalength of smbdirectdatatransfer struct are invalid, out of bounds issue could happen. This patch validate dataoffset and...

SUSE CVE-2016-3134

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service heap memory corruption via an IPTSOSETREPLACE setsockopt call...

Linux kernel 4.6.2 - IP6T_SO_SET_REPLACE Privilege Escalation

Exploit for linux platform in category local exploits Exploit Title: Linux kernel = 4.6.2 - Local Privileges Escalation via IP6TSOSETREPLACE compat setsockopt call Date: 2016.10.8 Exploit Author: Qian email protected Qihoo 360 Version: Linux kernel = 4.6.2 Tested on: Ubuntu 16.04.1 LTS Linux...

UBUNTU-CVE-2016-3134

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service heap memory corruption via an IPTSOSETREPLACE setsockopt call...

CVE-2011-1522

Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the 1 limit or 2 offset field...

php: exif_read_data crash on corrupted JPEG files

The exifreaddata function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service crash via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353...