GNU elfutils eu-readelf readelf.c print_string_section buffer overflow
...
GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service
...
Request smuggling due to acceptance of invalid chunked data in net/http
...
Chromium: CVE-2025-3620 Use after free in USB
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-3619 Heap buffer overflow in Codecs
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()
...
c-ares has a use-after-free in read_answers()
...
CMSE secure state may leak from stack to floating-point registers
...
Net::IMAP vulnerable to possible DoS by memory exhaustion
...
The png_convert_to_rfc1123 function in png.c allows remote attackers to obtain sensitive process memory information
...
CVE-2011-3045
...
CVE-2012-3425
...
CVE-2011-2501
...
CVE-2011-2691
...
Microsoft Power Automate Desktop Information Disclosure Vulnerability
Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network...
Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow
...
The GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service
...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Out-of-bounds read in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
hostapd fails to process crafted RADIUS packets properly. When hostapd authenticates Wi-Fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS authentications to fail.
...
Mishandling of comma during folding and unicode-encoding of email headers
...
XZ has a heap-use-after-free bug in threaded .xz decoder
...
The vulnerability in unzip occurs due to improper handling of Unicode strings
...
An Improper Link Resolution Before File Access ("Link Following") and Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal"). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intended extraction directory. The issue is associated with index.js in the tar-fs package. This issue affects tar-fs: from 0.0.0 before 1.16.4, from 2.0.0 before 2.1.2, from 3.0.0 before 3.0.8.
...
Libtiff: heap-based buffer overflow in cpstriptotile() in tools/tiffcp.c
...
KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel
...
neighbour: use RCU protection in __neigh_notify()
...
ndisc: extend RCU protection in ndisc_send_skb()
...
openvswitch: use RCU protection in ovs_vport_cmd_fill_info()
...
ASoC: codecs: wcd938x: fix incorrect used of portid
...
af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock.
...
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
...
USB: hub: Ignore non-compliant devices with too many configs or interfaces
...
ipv6: mcast: extend RCU protection in igmp6_send()
...
powerpc/powernv: Add a null pointer check in opal_powercap_init()
...
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability via the function find_abstract_instance in dwarf2.c.
...
ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()
...
spi: sn-f-ospi: Fix division by zero
...
LoongArch: csum: Fix OoB access in IP checksum code for negative lengths
...
drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()
...
can: etas_es58x: fix potential NULL pointer dereference on udev->serial
...
acct: perform last write from workqueue
...
scsi: ufs: bsg: Set bsg_queue to NULL after removal
...
media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread
...
HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()
...
vxlan: check vxlan_vnigroup_init() return value
...
orangefs: fix a oob in orangefs_debug_write
...
vsock: Keep the binding until socket destruction
...
vrf: use RCU protection in l3mdev_l3_out()
...
gpiolib: Fix crash on error in gpiochip_get_ngpios()
...
media: uvcvideo: Remove dangling pointers
...