894 matches found
CVE-2025-32061
The CVE-2025-32061 entry concerns the Bluetooth stack in Bosch Infotainment ECU devices, implemented by Alps Alpine. The vulnerability arises from insufficient boundary validation of user-supplied data, causing a stack-based buffer overflow when processing a specific packet on the L2CAP channel. ...
CVE-2025-32061 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...
EUVD-2025-206904
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...
CVE-2025-32059
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...
CVE-2025-32059 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU
The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...
CVE-2025-32059
The CVE-2025-32059 entry concerns the Bluetooth stack in the Bosch Infotainment ECU, implemented by Alps Alpine. The root cause is improper boundary validation of user-supplied data, triggering a stack-based buffer overflow when handling a specific packet on the L2CAP channel. The issue enables r...
ALPS ALPINE HID Monitor Service 代码问题漏洞
ALPS ALPINE HID Monitor Service is a human factors input device management service provided by ALPS ALPINE, a Japanese company. Version 8.1.0.10 of ALPS ALPINE HID Monitor Service contains a code vulnerability. This vulnerability stems from a service path that lacks quotation marks, which may all...
CVE-2026-25121
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...
GHSA-X9P2-77V6-6VHF FrankenPHP has delayed propagation of security fixes in upstream base images
Delayed propagation of security fixes in upstream base images Summary Vulnerability in base Docker images PHP, Go, and Alpine not automatically propagating to FrankenPHP images. FrankenPHP's container images were previously built only when specific version tags were updated or when manual trigger...
FrankenPHP has delayed propagation of security fixes in upstream base images
Delayed propagation of security fixes in upstream base images Summary Vulnerability in base Docker images PHP, Go, and Alpine not automatically propagating to FrankenPHP images. FrankenPHP's container images were previously built only when specific version tags were updated or when manual trigger...
ALPS ALPINE Pointing-device Controller 代码问题漏洞
ALPS ALPINE Pointing-device Controller is a control software for a heavy-touch tablet by the Japanese company ALPS ALPINE. Version 8.1202.1711.04 of ALPS ALPINE Pointing-device Controller contains a code vulnerability. This vulnerability stems from a service path in ApHidMonitorService that lacks...
Exploit for Out-of-bounds Read in Libpng
Spring Boot Minimal Images PoC Dummy Spring Boot application...
ALPINE-CVE-2026-24049
wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the...
CVE-2018-1000849
Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...
CVE-2022-23554
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...
OPENSUSE-RU-2026:20010-1 Recommended update for trivy
This update for trivy fixes the following issues: - Update to version 0.68.2: release: v0.68.2 release/v0.68 9950 fixdeps: bump alpine from 3.22.1 to 3.23.0 backport: release/v0.68 9949 ci: enable check-latest for setup-go backport: release/v0.68 9946...
ALPINE-CVE-2025-15224
When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...
CVE-2019-12875
Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993056)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993056 advisory. In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpinemsixinitdomains ofirqfindparent returns a node...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992366)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992366 advisory. In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpinemsixinitdomains ofirqfindparent returns a node...