8 matches found

Vulnrichment
added 6 days ago, 3 views

CVE-2026-48510 MessagePack-CSharp: LZ4 decompression allocates from unbounded declared output lengths

MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from the wire and allocates output buffers based on those lengths before validating that the compressed...

CVSS 6.3 | AI score 5.9 | EPSS 0.00236
Exploits: 0 | References: 1

Tenable Nessus
added 2024/06/03 12:0 a.m., 14 views

RHEL 7 : xorg-x11-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xorg-x11-server: unvalidated lengths in RENDER extension CVE-2017-12187 - The ProcPutImage function in...

CVSS 9.8 | AI score 8.3 | EPSS 0.04453
Exploits: 4 | References: 18

Tenable Nessus
added 2024/06/03 12:0 a.m., 17 views

RHEL 6 : xorg-x11-server (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xorg-x11-server: unvalidated lengths in RENDER extension CVE-2017-12187 - In the X.Org X server before...

CVSS 9.8 | AI score 8.3 | EPSS 0.04453
Exploits: 4 | References: 17

OSV
added 2024/04/07 9:15 p.m., 2 views

DEBIAN-CVE-2024-31951

In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated)...

CVSS 6.5 | AI score 7.4 | EPSS 0.0054
Exploits: 0 | References: 1

SUSE CVE
added 2023/02/15 3:54 a.m., 3 views

SUSE CVE-2020-24341

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Servic...

CVSS 9.1 | AI score 8.7 | EPSS 0.04893
Exploits: 0 | References: 3

OSV
added 2017/11/22 4:16 p.m., 5 views

SUSE-SU-2017:3047-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes several issues. These security issues were fixed: - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users being freed (bnc#1052984) - CVE-2017-13723: A local denial of service via unusual...

CVSS 9.8 | AI score 7.4 | EPSS 0.04453
Exploits: 1 | References: 26

OSV
added 2017/11/16 11:57 a.m., 5 views

SUSE-SU-2017:3025-1 Security update for xorg-x11-server

This update for xorg-x11-server provides several fixes. These security issues were fixed: - CVE-2017-13723: Prevent local DoS via unusual characters in XkbAtomText and XkbStringText (bsc#1051150). - Improve the entropy when generating random data used in X.org server authorization cookies generation...

CVSS 9.8 | AI score 9 | EPSS 0.04453
Exploits: 1 | References: 23

RedHat Linux
added 2014/11/24 8:57 p.m., 2 views

libXfont: unvalidated length fields when parsing xfs protocol replies

Multiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server...

CVSS 7.5 | AI score 7.7 | EPSS 0.04357
Exploits: 0 | References: 5