SUSE CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218 drm/amdgpu: Add bounds checking to ib_{get,set}_value

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46218

The vulnerability CVE-2026-46218 affects the Linux kernel DRM AMDGPU driver. The issue is in ib_get_value/ib_set_value where the uvd/vce/vcn code accessed the Instruction Buffer (IB) at predefined offsets without verifying the IB size, enabling out-of-bounds reads/writes. The root cause is missin...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks in the ibget,setvalue function within drm/amdgpu, potentially leading...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: dev: cansettermination, which allows for GPIO devices that are in a sleeping state to be managed. In commit 6e86a1543c37 “can: dev: provide optional GPIO-based termination support”, GPIO-based termination support was added...

Command Injection

Overview GitPython is a python library used to interact with Git repositories Affected versions of this package are vulnerable to Command Injection via the setvalue function when the section parameter is not properly validated for newline characters. An attacker can execute arbitrary code by...

CVE-2026-44244

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...

CVE-2026-44244

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Media: i2c: ar0521: Use the CANsleep version of gpiodsetvalue If we use GPIO reset from the I2C port expander, we must use the CANsleep variant of GPIO functions. This was not done in the ar0521poweron/ar0521poweroff functions...

MiracleLinux 7 : rh-nodejs12-nodejs-nodemon-2.0.3-1.el7, rh-nodejs12-nodejs-12.20.1-1.el7 (AXSA:2021-1451:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1451:01 advisory. nodejs-mixin-deep: prototype pollution in function mixin-deep CVE-2019-10746 nodejs-set-value: prototype pollution in function set-value...

Security Bulletin: A vulnerability in module set-value affects IBM Db2 Big SQL on Cloud Pak for Data

Summary A vulnerability in node.js open source package set-value affects IBM Db2 Big SQL 7.4.2 and earlier on Cloud Pak for Data 4.6.2 and earlier Vulnerability Details CVEID:CVE-2021-23440 DESCRIPTION: Nodejs set-value module could allow a remote attacker to execute arbitrary code on the system,...

CVE-2025-12213

A security vulnerability has been detected in Tenda O3 1.0.0.102478. This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

CVE-2025-12214

A vulnerability was detected in Tenda O3 1.0.0.102478. This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and...

CVE-2025-12211

A security flaw has been discovered in Tenda O3 1.0.0.102478. Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-12213

CVE-2025-12213 affects Tenda O3 1.0.0.10(2478). The vulnerability is a stack-based overflow in the SetValue/GetValue handling of /goform/setVlanConfig via crafted lan input, enabling remote exploitation. Public disclosures exist. Connected sources (CNVD/CNNVD/NVD/PT-2025-43873) corroborate a buff...

CVE-2025-12210 Tenda O3 AdvSetLanip GetValue stack-based overflow

A vulnerability was identified in Tenda O3 1.0.0.102478. Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is...

PT-2025-43873

Name of the Vulnerable Software and Affected Versions Tenda O3 version 1.0.0.102478 Description A security issue exists in Tenda O3 version 1.0.0.102478. The SetValue/GetValue function within the /goform/setVlanConfig file is susceptible to a stack-based buffer overflow. This occurs through...