PT-2026-43275

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10 Description Multiple out-of-bounds reads exist in the BGP MP REACH NLRI IPv6 attribute decoder. The decode mp reach ipv6 function in src/bgp protocol.cpp casts raw pointers to structure typ...

PT-2026-34043

Name of the Vulnerable Software and Affected Versions Coturn versions prior to 4.10.0 Description STUN/TURN attribute parsing functions perform unsafe pointer casts from uint8 t to uint16 t without alignment checks. When processing a crafted STUN message with odd-aligned attribute boundaries,...

DocumentServer 安全漏洞

DocumentServer is an open-source online collaboration suite developed by ONLYOFFICE. It supports real-time collaborative editing of documents, spreadsheets, presentations, and other formats. Versions of DocumentServer prior to 9.3.0 contained security vulnerabilities. These vulnerabilities stemme...

EUVD-2017-18269

Malware in sbrugna...

RUSTSEC-2025-0072 soundness issue and unmaintained

All functions under wrflib::byteextract are simply wrapper of unsafe pointer offset and lacks sufficient checks to it pointer and offset parameter. wrflib is unmaintained...

Linux Distros Unpatched Vulnerability : CVE-2017-9334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrect pair? check in the Scheme length procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an...

CVE-2025-46716

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiSetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to read...

CVE-2025-46715 Sandboxie Arbitrary Kernel Write in SbieDrv.sys API (API_GET_SECURE_PARAM)

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiGetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write t...

Redox UEFI Safe API can cause heap-buffer-overflow

ffi::nstr should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow...

RUSTSEC-2025-0032 Safe API can cause heap-buffer-overflow

ffi::nstr should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow...

xous has unsound usages of `core::slice::from_raw_parts`

We consider asslice and asslicemut unsound because: the pointer with any bit patterns could be cast to the slice of arbitrary types. The pointer could be created by unsafe new and deprecated fromparts. We consider that fromparts should be removed in latest version because it will help trigger...

RUSTSEC-2021-0007 `Frame::copy_from_raw_parts` can lead to segfault without `unsafe`

fn Frame::copyfromrawparts is a safe API that can take a raw pointer and dereference it. It is possible to read arbitrary memory address with an arbitrarily fed pointer. This allows the safe API to access & read arbitrary address in memory. Feeding an invalid memory address pointer to the API may...

Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability (CNVD-2018-26551)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader in the existence of a security vulnerability, the vulnerability...

CVE-2017-9334

An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it...

CVE-2017-9334

An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it...

CVE-2017-9334

An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it...

CVE-2017-9334

An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it...

PT-2017-18850 · Chicken +1 · Chicken Scheme +1

Name of the Vulnerable Software and Affected Versions: CHICKEN Scheme versions prior to 4.13 Description: The issue arises from an incorrect "pair?" check in the Scheme "length" procedure, leading to an unsafe pointer dereference. This allows an attacker to cause a denial of service by passing an...

SAP Sybase Event Stream Processor esp_parse ConnectionType Unsafe Pointer Dereference (CVE-2014-3458)

Five unsafe pointer dereference vulnerabilities have been reported in SAP Sybase Event Stream Processor ESP. These vulnerabilities are caused by the listening service accepting unsanitized pointers in XMLRPC requests. By sending crafted requests to a vulnerable server, an remote attacker can caus...

KLA10315 Multiple vulnerabilities in SUPERAntiSpyware

Multiple serious vulnerabilities have been found in SUPERAntiSpyware. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities 1. Unsafe buffers, function parameter handling, unsafe pointe...