1399 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-21837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.1.1)
The version of AOS installed on the remote host is prior to 7.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.1.1 advisory. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer...
Linux Distros Unpatched Vulnerability : CVE-2024-35917
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpf_plt pointer arithmetic. Kui-Feng Lee reported a crash on s390x triggered by...
zlib: Out-of-bound pointer arithmetic in inftrees.c
A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic operations violate the C standard by subtracting an offset from an array pointer before its allocated memory, leading to undefined behavior...
Linux Distros Unpatched Vulnerability : CVE-2016-9841
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVE-2016-9841 Note that...
Linux Distros Unpatched Vulnerability : CVE-2024-38579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: bcm - Fix pointer arithmetic. In spu2_dump_omd, the value of ptr is increased by ciph_key_len instead of hash_iv_len, which could lead to going beyond the buffer...
Linux Distros Unpatched Vulnerability : CVE-2025-4638
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the inftrees.c component of the zlib library, which is bundled within the PointCloudLibrary PCL. This issue may allow context-dependen...
Linux Distros Unpatched Vulnerability : CVE-2016-9840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVE-2016-9840 Note that...
Linux Distros Unpatched Vulnerability : CVE-2019-7308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases o...
CVE-2025-48072 OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...
OpenEXR Out of Bounds Heap Read due to Bad Pointer Arithmetic in LossyDctDecoder_execute
Summary: The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. Details: In the LossyDctDecoder_execute function from...
GHSA-4R7W-Q3JG-FF43 OpenEXR Out of Bounds Heap Read due to Bad Pointer Arithmetic in LossyDctDecoder_execute
Summary: The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. Details: In the LossyDctDecoder_execute function from...
SUSE-SU-2025:02536-1 Security update for boost
This update for boost fixes the following issues: - CVE-2016-9840: Fixed out-of-bounds pointer arithmetic in zlib in beast (bsc#1245936)...
RLSA-2025:8395 Low: rsync security update
The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only sends the differences in files over the network instead of sending whole files. The rsync utility is also used as a mirroring tool. Security Fixes:...
CVE-2025-54426 Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed points
Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invali...
CVE-2025-38489
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpf_arch_text_poke with new_addr == NULL again. Commit 7ded842b356d "s390/bpf: Fix bpf_plt pointer arithmetic" has accidentally removed the critical piece of commit c730fce7c70c "s390/bpf: Fix bpf_arch_text_poke with new_addr...