SUSE CVE-2011-3175

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management ZCM 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011074)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011074 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element...

ContractShield: Bridging Semantic-Structural Gaps Via Hierarchical Cross-Modal Fusion for Multi-Label Vulnerability Detection in Obfuscated Smart Contracts

Smart contracts are increasingly targeted by adversaries employing obfuscation techniques such as bogus code injection and control flow manipulation to evade vulnerability detection. Existing multimodal methods often process semantic, temporal, and structural features in isolation and fuse them...

CVE-2026-30873

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

EUVD-2026-13251

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2294 Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58077 SUMMARY A heap-based buffer overflow vulnerability exists in the tmpServer opcode 0x437 functionality of Tp-Link Archer AX53...

Tp-Link AX53 v1.0 tmpServer opcode 0xe01 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2288 Tp-Link AX53 v1.0 tmpServer opcode 0xe01 out-of-bounds write vulnerability March 16, 2026 CVE Number CVE-2025-61944 SUMMARY An out-of-bounds write vulnerability exists in the tmpServer opcode 0xe01 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2287 Tp-Link AX53 v1.0 tmpServer opcode 0x643 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-62404 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x643 functionality of Tp-Link AX53 v1.0 1.3.1...

Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability

Talos Vulnerability Report TALOS-2025-2285 Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability March 16, 2026 CVE Number CVE-2025-59487 SUMMARY A write-what-where vulnerability exists in the tmpServer opcode 0x441 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Tp-Link AX53 v1.0 tmpServer opcode 0x442 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2286 Tp-Link AX53 v1.0 tmpServer opcode 0x442 out-of-bounds write vulnerability March 16, 2026 CVE Number CVE-2025-61983 SUMMARY An out-of-bounds write vulnerability exists in the tmpServer opcode 0x442 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

Interpretation Conflict

Overview fickling is an A static analyzer and interpreter for Python pickle data Affected versions of this package are vulnerable to Interpretation Conflict via the OBJ opcode handling logic. An attacker can evade safety checks by triggering a code path where OBJ pushes an ast.Call onto the...

Fickling: OBJ opcode call invisibility bypasses all safety checks

Assessment The interpreter so it behaves closer to CPython when dealing with OBJ, NEWOBJ, and NEWOBJEX opcodes https://github.com/trailofbits/fickling/commit/ff423dade2bb1f72b2b48586c022fac40cbd9a4a. Original report Summary All 5 of fickling's safety interfaces -- islikelysafe, checksafety, CLI...

GHSA-MXHJ-88FX-4PCV Fickling: OBJ opcode call invisibility bypasses all safety checks

Assessment The interpreter so it behaves closer to CPython when dealing with OBJ, NEWOBJ, and NEWOBJEX opcodes https://github.com/trailofbits/fickling/commit/ff423dade2bb1f72b2b48586c022fac40cbd9a4a. Original report Summary All 5 of fickling's safety interfaces -- islikelysafe, checksafety, CLI...

📄 Samsung QuramDng Malformed DNG TrimBounds Opcode Out‑Of‑Bounds Read

A vulnerability exists in the image decoding logic of Quram DNG parser within libimagecodec.quram.so. The flawed bounds validation in handling TrimBounds opcode triggers out-of-bounds reads on heap-allocated image buffers. This issue allows remote attackers to craft a malicious DNG payload, embed...

📄 Samsung Quram DNG Heap Corruption

Samsung devices utilize Quram's DNG decoder. A malformed ScalePerColumn opcode with oversized areaSpec and extreme pitches leads to arithmetic overflow in the per-column scaling loop. After allocation miscalculation, subsequent writes corrupt heap structures. Carefully crafted payloads enable...

📄 Samsung QuramDNG Type Confusion Detector Vulnerability Scanner

This C++ scanner analyzes DNG Digital Negative files for the CVE-2025-58478 type confusion vulnerability in the libimagecodec.quram.so library used on Samsung devices...

kernel: io_uring: prevent opcode speculation

In the Linux kernel, the following vulnerability has been resolved: iouring: prevent opcode speculation sqe-opcode is used for different tables, make sure we santitise it against speculations...

GHSA-63CW-57P8-FM3P PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

Summary A vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to arbitrary code execution. Vulnerability Details The weightsonly=True unpickler...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21863)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21863 advisory. - In the Linux kernel, the following vulnerability has been resolved: iouring: prevent opcode speculation...

ROS-20260120-7315

A vulnerability in the uprobewriteopcode function of the kernel/events/uprobes.c module of the Linux kernel is related to incorrect calculation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...