CVE-2026-24108

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

EUVD-2026-9181

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

UBUNTU-CVE-2025-39902

In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to...

CVE-2023-53327

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Catch overflow of uptr and length syzkaller hits a WARNON when trying to have a uptr close to UINTPTRMAX: WARNING: CPU: 1 PID: 393 at drivers/iommu/iommufd/selftest.c:403 iommufdtest+0xb19/0x16f0 Modules linked...

CVE-2023-53327 iommufd/selftest: Catch overflow of uptr and length

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Catch overflow of uptr and length syzkaller hits a WARNON when trying to have a uptr close to UINTPTRMAX: WARNING: CPU: 1 PID: 393 at drivers/iommu/iommufd/selftest.c:403 iommufdtest+0xb19/0x16f0 Modules linked...

SUSE CVE-2025-37912

In the Linux kernel, the following vulnerability has been resolved: ice: Check VF VSI Pointer Value in icevcaddfdirfltr As mentioned in the commit baeb705fd6a7 "ice: always check VF VSI pointer values", we need to perform a null pointer check on the return value of icegetvfvsi before using it...

scsi: wd33c93: Don't use stale scsi_pointer value

...

UBUNTU-CVE-2024-46778

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfigurationparamsst's UnboundedRequestEnabled is a pointer i.e. dmlboolt UnboundedRequestEnabled, and thus if p-UnboundedRequestEnabled checks its...

ROS-20240805-06

An Envoy proxy vulnerability is related to incorrect validation of an erroneous pointer value. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to crash. application crash...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an object overflow that results in an invalid pointer value...

SUSE CVE-2017-17864

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles statesequal comparisons between the pointer data type and the UNKNOWNVALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."...

SUSE CVE-2018-5380

The Quagga BGP daemon bgpd prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input...

CVE-2018-5380

The Quagga BGP daemon bgpd prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input...

CVE-2017-17863

kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service integer overflow or invalid memory access or possibly have unspecified other impact...

CVE-2017-17863

kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service integer overflow or invalid memory access or possibly have unspecified other impact...

CVE-2017-17863

kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service integer overflow or invalid memory access or possibly have unspecified other impact...

Invincea-X SboxDrv.sys Version Number Query Local Privilege Escalation Vulnerability

Summary An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a specia...

CVE-2015-7036

The fts3tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a SQL command that triggers an API call with a crafted pointer value in the second argument...

Sql injection

The fts3tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a SQL command that triggers an API call with a crafted pointer value in the second argument...

CVE-2015-7036

The fts3tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a SQL command that triggers an API call with a crafted pointer value in the second argument...