EUVD-2026-31239

A missing output length bounds check in pullcharsetflags in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to execute arbitrary code or cause a denial of service via crafted character set data...

PT-2026-42418

Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.4 through 4.4.2 Description A missing output length bounds check in the pull charset flags function allows a remote authenticated attacker to execute arbitrary code or cause a denial of service by sending crafted characte...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: cifs: preventing incorrect output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following value of 0x10 will be returned. c buffer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013496)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013496 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with...

Incorrect Length Encoding on KDF Export

Passing values length 65535 to Context::export produces output that disagrees with the RFC 9180 label encoding. In particular the length value is cast to u16 truncating any value exceeding 65535. Impact Applications that use hpke-rs to export very large secrets would experience interoperability...

GHSA-M449-CWJH-6PW7 pypdf's LZWDecode streams be manipulated to exhaust RAM

Impact An attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This is a follow up to GHSA-jfx9-29x2-rv3j to align the default limit with the one for zlib. Patche...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987524)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987524 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with...

EUVD-2025-15443

Malicious code in bioql PyPI...

EUVD-2022-38393

Malicious code in bioql PyPI...

CLSA-2025-1748626881 golang: Fix of 2 CVEs

CVE-2024-24789: fix zip parsing to reject EOCDR records with truncated comments - CVE-2024-9355: fix HMAC to pass initialized length to EVPDigestSignFinal, ensuring correct output handling...

Vyper's `slice()` may elide side-effects when output length is 0

Impact the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is skipped:...

SUSE CVE-2022-49271

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...

DEBIAN-CVE-2022-49271

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an output length error in smb2ioctlqueryinfo that results in a null pointer dereference...

BIT-NODE-MIN-2021-23840 Integer overflow in CipherUpdate

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

SUSE CVE-2024-50074

In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...

XKCP: buffer overflow in the SHA-3 reference implementation

A flaw was found in the Keccak XKCP SHA-3 reference implementation. The sponge function interface allows partial input data to be processed, and partial output to be produced. When at least one of these has a length of 4294967096 bytes or more, it can result in elimination of cryptographic...

PT-2022-22872 · Unknown · Triplecross

Name of the Vulnerable Software and Affected Versions: TripleCross version 0.1.0 Description: A segmentation fault occurs when sending a control command from the client to the server. This issue arises because there is no limit to the length of the output of the executed command. Recommendations:...

openssl: integer overflow in CipherUpdate

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

openssl: integer overflow in CipherUpdate

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...