26 matches found
EUVD-2025-23664
Malicious code in bioql PyPI...
CVE-2022-49592
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTLRXQDMAMAP1. If CONFIGUBSAN is enabled, kernel dumps below warning...
CVE-2025-21653
In the Linux kernel, the following vulnerability has been resolved: netsched: clsflow: validate TCAFLOWRSHIFT attribute syzbot found that TCAFLOWRSHIFT attribute was not validated. Right shitfing a 32bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in...
CVE-2025-21653
CVE-2025-21653 affects the Linux kernel net_sched flow classifier (net/sched/cls_flow.c). The vulnerability was due to missing validation of TCA_FLOW_RSHIFT, which could trigger undefined behavior (UB) and a shift-out-of-bounds on large 32-bit shifts, as shown by UBSAN. Connected advisories (Astr...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Buffer Over-Read
X.org Server is vulnerable to Buffer Over-read. The vulnerability is due to the ProcXIPassiveGrabDevice function, where byte-swapped length values in replies can lead to memory leakage and segmentation faults. This issue, particularly when triggered by a client with a different endianness, could...
CVE-2024-31081
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...
CVE-2024-31082
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...
Denial Of Service (DoS)
gss-ntlmssp is vulnerable to Denial of Service DoS attacks. Multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service due to a 32-bit integer overflow condition and incorrect checks of consistency of length of internal buffers. This vulnerability can be triggered via...
CVE-2023-25563
A flaw was found in GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication. Multiple out-of-bounds reads occur when decoding NTLM fields and can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of the consistency of t...
CVE-2023-25563
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...
CVE-2023-25563 GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...
CVE-2023-25563 GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...
CVE-2023-25563
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of consistency of length of...
PT-2022-28264 · Libsqlite +1 · Libsqlite +1
Name of the Vulnerable Software and Affected Versions: sqlite3 versions 1.5.0 Description: A potential vulnerability in the FTS3 extension of libsqlite has been identified, which can be exploited by an attacker with full SQL access who can construct a corrupt database with over 2GB of FTS3 conten...
CVE-2022-35984
TensorFlow is an open source platform for machine learning. ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit...
CVE-2017-9106
An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...
CVE-2014-9625
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update...
CVE-2019-19911
A denial of service vulnerability was found in Pillow in versions before 6.2.2, where the FpxImagePlugin.py file calls the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows systems running 32-bit Python, this flaw results in an OverflowError or MemoryErro...
Denial Of Service (DoS)
pillow is vulnerable to denial of service. An OverflowError or MemoryError occurs in FpxImagePlugin.py on an unvalidated 32-bit integer when large number of bands is given, resulting in an application crash...