312 matches found
[SECURITY] Fedora 43 Update: perl-Crypt-SysRandom-XS-0.011-1.fc43
This module uses whatever C interface is available to procure cryptographically random data from the system...
CVE-2026-30960 RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface
rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...
cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy
A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled cgo binary. An attacker could exploit this to embed and execute arbitrary...
CVE-2026-2303
The CVE-2026-2303 entry affects the mongo-go-driver CGo bindings for GSSAPI (Kerberos) authentication on Linux/macOS. The disclosed root cause is a heap out-of-bounds read in the C wrapper implementation caused by incorrect assumptions about string termination in GSSAPI: GSSAPI buffers are not gu...
[SECURITY] Fedora 43 Update: rust-cargo-c-0.10.18-3.fc43
Helper program to build and install c-like libraries...
Open5GS 代码问题漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.6 and earlier contain code vulnerabilities due to a null pointer dereferencing issue in the PGW S5U address handling program...
AZL-76743 CVE-2025-61732 affecting package msft-golang 1.24.13-1
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...
AZL-78937 CVE-2025-61732 affecting package golang 1.25.7-1
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...
CVE-2025-61732
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...
CVE-2025-61732
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...
CVE-2025-61732
CVE-2025-61732 involves a discrepancy in how Go and C/C++ comments are parsed, enabling code smuggling into the resulting cgo binary. Multiple connected sources confirm the issue affects Go/cgo workflows and documents the vulnerability with a CVSSv3.1 base score of 8.6 (HIGH) and local attack vec...
CVE-2025-61732
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...
PT-2026-6533
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...
Melon 安全漏洞
Melon is a C-language code library developed by Niklaus Schen. Versions of Melon prior to 9df9292 contained security vulnerabilities. These vulnerabilities stemmed from the lack of a maximum length limit in the HTTP component, which could lead to denial-of-service attacks by consuming memory...
sqlmap-CTT-v3.0-SQL-Injection-Engine-Full-33-layer-fractal-temporal-resonance-implementation-in-C
sqlmap-CTT-v3.0-SQL-Injection-Engine-Full-33-layer-fractal-tem...
CPython security vulnerabilities
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from the possibility of injecting additional commands through line breaks when user-controlled commands are passed...
OESA-2026-1043 gnutls security update
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...
CVE-2022-38138
The Triangle Microworks IEC 61850 Library Any client or server using the C language library with a version number of 11.2.0 or earlier and any client or server using the C++, C, or Java language library with a version number of 5.0.1 or earlier and 60870-6 ICCP/TASE.2 Library Any client or server...
heap-mastery-course
Heap Mastery Course Learn heap vulnerability exploitation t...
Beyond Single Bugs: Benchmarking Large Language Models for Multi-Vulnerability Detection
Large Language Models LLMs have demonstrated significant potential in automated software security, particularly in vulnerability detection. However, existing benchmarks primarily focus on isolated, single-vulnerability samples or function-level classification, failing to reflect the complexity of...