3428 matches found
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerabilities
Summary: Multiple exploitable out-of-bounds read vulnerabilities exist in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket message can lead to arbitrary code execution. An attacker can stage a malicious webpage to trigger these vulnerabilities...
CVE-2026-46198
A flaw was found in the Linux kernel's batman-adv component. An integer overflow in the batadv_iv_ogm_send_to_if function, specifically with the buff_pos variable, can lead to an out-of-bound read. This occurs because the size check uses an int type while buff_pos uses an s16 type, causing a mismatch th...
Canonical Ubuntu Linux security vulnerability
Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux 6.8, 6.17, and 7.0 versions contain security vulnerabilities. These vulnerabilities stem from incorrect validation of internal structure sizes, which may lead to out-of-bound...
Astra Linux – Vulnerability in xrdp
xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol (RDP). xrdp v0.9.21 contains an “Out of Bound Read” issue in the xrdp_mm_trans_process_drdynvc_channel_close function. There are no known solutions to this problem. Users are advis...
CVE-2026-43620
Rsync 3.4.2 and earlier are affected by a receiver-side out-of-bounds array read in recv_files() (receiver.c). The underlying cause is a mismanaged pointer array leading to an 8-byte read before the allocated array, allowing a crafted file list (with CF_INC_RECURSE enabled, first sorted entry not...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Google Chrome buffer error vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by out-of-bound read and write operations to the GFX interface. This vulnerability could allow remote attackers to execute arbitrary...
SUSE-SU-2026:1618-1 Security update for dnsdist
This update for dnsdist fixes the following issues: Update to version 1.9.12. - https://www.dnsdist.org/changelog.html#change-1.9.12 Security issues fixed: - CVE-2026-0396: crafted DNS queries triggering domain-based dynamic rules can lead to HTML injection in the web dashboard (bsc#1261236). -...
Squid security vulnerability
Squid is a set of open-source proxy servers and web caching servers developed by Squid. This software provides features such as caching the World Wide Web, filtering traffic, and proxy access. Versions of Squid prior to 7.5 contained security vulnerabilities, which were caused by improper input...
CLSA-2026-1774010101 Fix CVE(s): CVE-2026-25898, CVE-2026-25971, CVE-2026-25983
SECURITY UPDATE: out-of-bound read with negative pixel index in UIL and XPM encoders - debian/patches/CVE-2026-25898.patch: add bounds check on pixel index value returned by GetPixelIndex before using as array subscript - CVE-2026-25898 SECURITY UPDATE: heap use-after-free in MSL repage and roll...
EUVD-2026-9050
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...
EUVD-2026-9043
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...
CVE-2026-22717
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed...
CVE-2024-36320
Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability...
MiracleLinux 8 : libtasn1-4.13-4.el8 (AXSA:2023-4782:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4782:01 advisory. libtasn1: Out-of-bound access in ETYPE_OK (CVE-2021-46848). Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004163)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004163 advisory. In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure wi...
CVE-2018-9564
In llcp_util_parse_link_params of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0...
CVE-2018-9423
In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c there is a possible out of bound read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2018-9351
In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possible out of bound read due to missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2018-9449
In process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...