CVE-2026-6022

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

CVE-2026-24112

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addWewifiWhiteUser function and processed by sscanf without size validation, it could lead to a buffer overflow vulnerability...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003395)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003395 advisory. A flaw was found in the hugetlbmcopyatomicpte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service BUG...

CVE-2021-0881

In PVRSRVBridgeRGXKickCDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-0885

In PVRSRVBridgeSyncPrimOpTake of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

CVE-2025-52960

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...

CVE-2025-21476 Buffer Copy Without Checking Size of Input in Computer Vision

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake...

Chall-Manager 安全漏洞

Chall-Manager is an open source project from CTFer.io open source. A security vulnerability exists in Chall-Manager versions prior to 0.1.4, which stems from a failure to check the size of the contents when decompressing a zip file, which could lead to a zip bomb decompression...

PT-2024-27262 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.2.1.2930 build 20241025 QNAP QuTS hero versions prior to h5.2.1.2929 build 20241025 Description: A buffer copy without checking the size of input issue has been reported, potentially allowing remote attackers with...

DEBIAN-CVE-2024-25739

createemptylvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi-lebsize...

PT-2024-1631 · Qnap · Quts Hero +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.3.2578 build 20231110 QuTS hero versions prior to h5.1.3.2578 build 20231110 QuTScloud versions prior to c5.1.5.2651 Description: The issue is related to a buffer copy without checking the size of input data, which...

CVE-2023-45043

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

SUSE CVE-2023-4050

In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

DEBIAN-CVE-2023-32181

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf allows for DoS via malformed configuration files This issue affects libeconf: before 0.5.2...

SUSE CVE-2021-42327

dplinksettingswrite in drivers/gpu/drm/amd/display/amdgpudm/amdgpudmdebugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parsewritebufferintoparam...

CVE-2021-40062

There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability...

HUAWEI EMUI 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. a denial of service vulnerability exists in Huawei Emui and Magic UI, which stems from copying the input buffer in the video framework without checking its size. An attacker...

kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS

A flaw was discovered in the Linux kernel's USB subsystem in the usbgetextradescriptor function in the drivers/usb/core/usb.c which mishandles a size check during the reading of an extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivilege...

DEBIAN-CVE-2018-19491

An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PSoptions function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the...

CVE-2018-19492

An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrmoptions function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when...