15 matches found
10xscale-agentflow-cli (>=0.3.0 <=0.3.1), 3m (>=0.1.0 <=0.1.3) +2397 more potentially affected by CVE-2026-3308 via pymupdf (>=1.16.14 <=1.27.2.3)
pymupdf PYPI version =1.16.14, =0.3.0, =0.1.0, =0.1.1001, =1.1.0, =0.0.4.80, =4.0.2 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 - aait-store-cut-part-003 =0.0.1 - aait-store-cut-part-004 =0.0.1 - aait-store-cut-part-005 =0.0.1 - aait-store-cut-part-006 =0.0.1 -...
42towels (>=0.1.1001 <=0.1.1011), aait (>=0.0.4.80 <=2.3.14) +288 more potentially affected by CVE-2026-3029 via pymupdf (>=1.16.14 <=1.26.6)
pymupdf PYPI version =1.16.14, =0.1.1001, =0.0.4.80, =0.1.3, =0.7.0, =0.0.1, =0.1.31, =0.0.5, =0.0.3.20, =0.0.1, =0.1.0, =1.5.0, =1.2.3, =1.4.11 - arcoocr =1.0.1 and more Source cves: CVE-2026-3029 Source advisory: SNYK:PYTHON-PYMUPDF-15702040...
EUVD-2022-28709
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-23773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access...
SUSE CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
Integer Overflow or Wraparound
Overview: std/math/big is a Go standard library package. Affected versions of this package are vulnerable to Integer Overflow or Wraparound. Go Vulnerability Report: Rat.SetString had an overflow issue that can lead to uncontrolled memory consumption. Remediation: Upgrade std/math/big t...
Struts: Validator Without Form Field
Overview: std/crypto/elliptic is a Go standard library package. Affected versions of this package are vulnerable to Struts: Validator Without Form Field. Go Vulnerability Report: via the IsOnCurve function. An attacker can trigger a panic or cause invalid cryptographic operation...
openSUSE 15 Security Update : go1.16 (openSUSE-SU-2022:0724-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0724-1 advisory. - Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
...
AZL-8524 CVE-2022-23806 affecting package golang for versions less than 1.18.8-3
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
Design/Logic Flaw
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
CVE-2022-23806
CVE-2022-23806 affects Go's crypto/elliptic IsOnCurve, which can incorrectly return true when a big.Int value is not a valid field element. Impact: potential impact to availability and integrity as implied by the vulnerability description. Root cause is an out-of-spec check in IsOnCurve for inval...
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element...
PT-2022-7693 · Google +7 · Go +7
Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.16.14; Go versions 1.17.x prior to 1.17.7. Description: The issue is related to the Curve.IsOnCurve component in the Golang programming language, which is associated with incorrect checking of the return value of a method...
[SECURITY] Fedora 20 Update: dpkg-1.16.14-1.fc20
This package contains the tools, including dpkg-source, required to unpack, build and upload Debian source packages. This package also contains the program dpkg, which is used to handle the installation and removal of packages on a Debian system. This package also contains dselect, an interface for...