198 matches found
SUSE CVE-2026-47104
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...
UBUNTU-CVE-2026-47104
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...
CVE-2026-47104 libusb < 1.0.30 Out-of-Bounds Read in parse_iad_array()
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...
EUVD-2026-32500
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...
CVE-2026-47104
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...
CVE-2026-47104
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...
CVE-2026-47104
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...
PT-2026-43972
Name of the Vulnerable Software and Affected Versions libusb versions prior to 1.0.30 Description A one-byte out-of-bounds read exists in the parse iad array function within descriptor.c. This occurs when a malformed USB descriptor is supplied where the bLength equals the size minus one, causing...
Astra Linux - уязвимость в tar
GNU Tar version 1.34 has a one-byte out-of-bounds read operation, which allows for the use of uninitialized memory during a conditional jump. Exploitation to alter the control flow has not been demonstrated. The issue occurs in the fromheader section of the list.c file, due to a V7 archive where...
CVE-2026-44523
Note Mark is an open-source note-taking application. Prior to 0.19.4, no minimum length or entropy is enforced on the JWTSECRET configuration value. The application accepts any base64-decodable secret regardless of size, including secrets as short as 1 byte. This vulnerability is fixed in 0.19.4...
CVE-2026-44215
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...
CVE-2026-44215
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS filesystem image. The attacker controls the byte offset of th...
CVE-2026-43452
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...
PT-2026-39113
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter x tables component allows for 1-byte tail reads. This occurs when the last byte of options is a non-single-byte option kind, causing walkers that advance using th...
UBUNTU-CVE-2026-44603
Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...
CVE-2026-44603
Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...
CVE-2026-44603
Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...
UBUNTU-CVE-2026-43860
mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...
PT-2026-36773
mutt before 2.3.2 sometimes truncates the hash passwd by one byte for IMAP auth cram MD5 digest...
Astra Linux - уязвимость в thunderbird
It may be possible for an attacker to create an email message that causes Thunderbird to perform an out-of-bounds write operation, writing one byte when processing the message. This vulnerability affects Thunderbird versions prior to 91.6.1...