A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol.…

An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using…

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial…

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker…

An arbitrary file write vulnerability was found in GNU gzip’s zgrep utility. When zgrep is applied on the attacker’s chosen file name (for example, a…

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse…

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field…

A heap buffer overflow flaw was found in Libtiffs’ tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to…

A stack buffer overflow flaw was found in Libtiffs’ tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to…

Delta Electronics CNCSoft (All versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.…