DEBIAN-CVE-2025-38680

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

CVE-2025-38728

CVE-2025-38728 : Linux kernel SMB3/kdmbd (ksmbd) mount path vulnerability. The issue stems from a missing check in parse_server_interfaces() under KASAN, enabling a slab-out-of-bounds read during a ksmbd mount. The bug is reported in the CIFS/SMB3 path with a read of size 4 at a kernel address du...

GNU ncurses parse_entry.c postprocess_termcap stack-based overflow

...

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

...

In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

...

Stack exhaustion in all Parse functions in go/parser

...

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).

...

NASM Netwide Assember parser.c parse_line stack-based overflow

...

NASM Netwide Assember preproc.c parse_smacro_template null pointer dereference

...

[ceph] parse_longname(): strrchr() expects NUL-terminated string

...

cifs: fix underflow in parse_server_interfaces()

...

Linux Distros Unpatched Vulnerability : CVE-2023-35862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcoap 4.3.1 contains a buffer over-read via the function coapparseoscoreconfmem at coaposcore.c. CVE-2023-35862 Note that Nessus relies on the presence of the...

WordPress plugin Fluent Forms 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2023-46566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in msoulier tftpy commit 467017b844bf6e31745138a30e2509145b0c529c allows a remote attacker to cause a denial of service via the...

Linux Distros Unpatched Vulnerability : CVE-2017-1000098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The net/http package's Request.ParseMultipartForm method starts writing to temporary files once the request body size surpasses the given maxMemory limit. It wa...

CVE-2025-22423

In ParseTag of dngifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22423

In ParseTag of dngifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-22423

The CVE-2025-22423 entry concerns the dng_ifd.cpp ParseTag function where a missing bounds check can crash the image renderer, enabling remote DoS with no privileges and no user interaction. Connected OSV/Red Hat/Android bulletin records corroborate a bound-check issue in the same function and de...

Linux Distros Unpatched Vulnerability : CVE-2024-23948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android, which stems from a lack of bounds checking in the ParseTag function in dngifd.cpp, which could lead to a remote denial of service...