CVE-2026-27648 web_webview has an out-of-bounds write vulnerability

in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps...

CVE-2026-43125 dlm: validate length in dlm_search_rsb_tree

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

CVE-2026-43075

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...

SUSE CVE-2026-40169

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19...

EUVD-2026-10842

In mfchandlereleasedbuf of mfccoreisr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE CVE-2026-3086

GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

PUB-A-432548852

In WAVESsenddatatodsp of libaocwaves.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

OESA-2025-2489 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read an...

CVE-2022-50553 tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'

In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event with many params and then create a trace action for it 1, kernel panic happened 2. It is because that in traceactioncreate...

Important: golang

Issue Overview: os/exec: LookPath may return unexpected paths. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

Dell BIOS 缓冲区错误漏洞

Dell BIOS is embedded software on a small memory chip on the motherboard of a computer from Dell USA. Dell BIOS suffers from a buffer overflow vulnerability that stems from the inclusion of an out-of-bounds write vulnerability that can be exploited by a local attacker with administrator privilege...

CVE-2023-42536

An improper input validation in sapeddec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write...

SUSE CVE-2018-9385

In driveroverridestore of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android I...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

EulerOS Virtualization 2.10.0 : binutils (EulerOS-SA-2022-2020)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - DISPUTED An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual...

kernel: heap out of bounds write in nf_dup_netdev.c

An out-of-bounds OOB memory access flaw was found in nftfwddupnetdevoffload in net/netfilter/nfdupnetdev.c in the netfilter subcomponent in the Linux kernel due to a heap out-of-bounds write problem. This flaw allows a local attacker with a user account on the system to gain access to out-of-boun...

CVE-2021-25670

A vulnerability has been identified in Tecnomatix RobotExpert All versions V16.1. Affected applications lack proper validation of user-supplied data when parsing CELL files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this...

PT-2018-10956

Name of the Vulnerable Software and Affected Versions YARA versions 3.7.1 and prior Description The issue arises when parsing a specially crafted compiled rule file, which can cause an out of bounds write in the yr execute code function located in libyara/exec.c. Recommendations For YARA versions...