35 matches found
CVE-2026-29007 U-Boot 2026.04-rc3 Out-of-Bounds Read in tcp_rx_state_machine via tcp.c
U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerability in tcprxstatemachine net/tcp.c when CONFIGPROTTCP is enabled, allowing remote attackers to read beyond TCP segment boundaries by crafting a malicious packet with a mismatched IP total length and TCP data offset field. Attacke...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...
CVE-2026-43350 smb: client: require a full NFS mode SID before reading mode bits
In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...
CVE-2026-33666 Zserio: Integer Overflow in BitStreamReader on 32-bit platforms
Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes / readString, the setBitPosition bounds check receives the overflowed value and is completely bypassed. The code then reads len bytes 512 MB fr...
CVE-2026-40339
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 842. The function reads the FormFlag byte via dtoh8odata, poffset without a prior bounds check. The standard ptpunpackDPD at lines...
SUSE-SU-2026:0779-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. - CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. - CVE-2026-0966: buffer underflow in...
Out-of-bounds Read
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
CLSA-2026-1771238245 kernel: Fix of 13 CVEs
fbdev: Fix vmalloc out-of-bounds write in fastimageblit CVE-2025-38685 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - fbdev: fix potential buffer overflow in doregisterframebuffer CVE-2025-38702 - scsi: ses: Fix slab-out-of-bounds in...
MiracleLinux 8 : grub2-2.02-156.el8.ML.1 (AXSA:2024-8448:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8448:04 advisory. grub2: grub2-set-bootflag can be abused by local pseudo-users CVE-2024-1048 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code...
SUSE-SU-2026:20245-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2026-0716: Fixed out-of-bounds read for websocket bsc1256418. - CVE-2026-0719: Fixed overflow for password md4sum bsc1256399...
CVE-2025-64465
CVE-2025-64465 is an out-of-bounds read in NI LabVIEW’s lvre!DataSizeTDR() when parsing a corrupted VI file. Affected: NI LabVIEW 2025 Q3 (25.3) and earlier. Impact: information disclosure or arbitrary code execution if a user opens a specially crafted VI. Exploitation condition: user interaction...
Oracle Linux 8 : edk2 (ELSA-2025-20669)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20669 advisory. - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause Protection Mechanism Failure by local access Orabug: 38381983 CVE-2025-3770 ...
edk2 security update
20250905-4.el8 - Create new 20250905 release for OL8 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause "Protection Mechanism Failure" by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where...
DEBIAN-CVE-2025-40088
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplusstrcasecmp The hfsplusstrcasecmp logic can trigger the issue: 117.317703 T9855 ================================================================== 117.318353 T9855 BUG: KASAN:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-409713)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-409713 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/platform: check the bounds of read/write syscalls count and offset are passed from user spac...
kernel security update
An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
SUSE-SU-2025:20596-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 - CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 - CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...
Linux Distros Unpatched Vulnerability : CVE-2022-48966
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvnetaconfigrss The pp-indir0 value comes from th...
SUSE-SU-2025:02278-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. - CVE-2025-4878: Fixed use of uninitialized variable in privatekeyfromfile bsc1245310. - CVE-2025-5318: Fixed likely read beyond bounds in sftp server...
CVE-2020-0152
In avbvbmetaimageverify of avbvbmetaimage.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android I...