OSV-2026-808 Heap-buffer-overflow in ihevcd_fmt_conv

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=515994900 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv ihevcdprocessthread startthread...

EUVD-2013-4050

Malware in sbrugna...

EUVD-2024-37234

Malicious code in bioql PyPI...

UBUNTU-CVE-2022-50383

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Can't set dst buffer to done when lat decode error Core thread will call v4l2m2mbufdone to set dst buffer done for lat architecture. If lat call v4l2m2mbufdoneandjobfinish to free dst buffer when lat deco...

CVE-2025-53948

CVE-2025-53948 pertains to the Sante PACS Server, where a remote attacker can crash the main thread by sending a crafted HL7 message, resulting in a denial-of-service condition. The vulnerability enables unauthenticated remote impact and requires a manual restart to restore service. Multiple sour...

CVE-2025-53948 Santesoft Sante PACS Server Double Free

The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition. The application would require a manual restart and no authentication is required...

CVE-2024-38268

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

Node.js 安全漏洞

Node.js is an open source, cross-platform JavaScript runtime environment open-sourced by Node.js. A security vulnerability exists in Node.js that stems from an incorrect call to ThrowException by the SignTraits::DeriveBits method in a background thread, which could lead to a process crash...

CVE-2022-49156

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...

CVE-2024-38269

An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a...

CVE-2024-38268

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

CVE-2024-38266

An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

CVE-2024-38269

An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a...

CVE-2024-38268

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

CVE-2024-38268

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

CVE-2024-38267

CVE-2024-38267 affects Zyxel VMG8825-T50K devices up to firmware 5.50(ABOM.8)C0. The issue is in the IPv6 address parser where operations are improperly restricted within the memory buffer bounds, enabling an authenticated attacker with administrator privileges to trigger memory corruption and ca...

CVE-2024-38267

An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

CVE-2024-38266

An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...

CVE-2024-38266

The CVE-2024-38266 issue affects Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0, caused by an improper restriction of operations within the bounds of a memory buffer in the parameter type parser. An authenticated administrator could trigger memory corruption, potentially causing a th...

CVE-2024-38266

An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50ABOM.8C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread...