Lucene search
K

312 matches found

Fedora
Fedora
added 2026/03/11 12:49 a.m.6 views

[SECURITY] Fedora 43 Update: perl-Crypt-SysRandom-XS-0.011-1.fc43

This module uses whatever C interface is available to procure cryptographically random data from the system...

7.5CVSS5.8AI score0.00295EPSS
Exploits0
OSV
OSV
added 2026/03/10 5:11 p.m.5 views

CVE-2026-30960 RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...

9.4CVSS5.9AI score0.0021EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/16 10:32 a.m.6 views

cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy

A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled cgo binary. An attacker could exploit this to embed and execute arbitrary...

8.6CVSS7.3AI score0.00472EPSS
Exploits0References8
CVE
CVE
added 2026/02/10 7:3 p.m.94 views

CVE-2026-2303

The CVE-2026-2303 entry affects the mongo-go-driver CGo bindings for GSSAPI (Kerberos) authentication on Linux/macOS. The disclosed root cause is a heap out-of-bounds read in the C wrapper implementation caused by incorrect assumptions about string termination in GSSAPI: GSSAPI buffers are not gu...

6.9CVSS5.6AI score0.00223EPSS
Exploits0References1
Fedora
Fedora
added 2026/02/10 1:34 a.m.5 views

[SECURITY] Fedora 43 Update: rust-cargo-c-0.10.18-3.fc43

Helper program to build and install c-like libraries...

7.5CVSS5.5AI score0.00443EPSS
Exploits1
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.7 views

Open5GS 代码问题漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.6 and earlier contain code vulnerabilities due to a null pointer dereferencing issue in the PGW S5U address handling program...

7.5CVSS6.2AI score0.00652EPSS
Exploits1References7
OSV
OSV
added 2026/02/05 4:15 a.m.8 views

AZL-76743 CVE-2025-61732 affecting package msft-golang 1.24.13-1

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

8.6CVSS7.4AI score0.00472EPSS
Exploits0References1
OSV
OSV
added 2026/02/05 4:15 a.m.6 views

AZL-78937 CVE-2025-61732 affecting package golang 1.25.7-1

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

8.6CVSS5.8AI score0.00472EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/02/05 3:42 a.m.6 views

CVE-2025-61732

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

8.6CVSS5.4AI score0.00472EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/02/05 3:42 a.m.8 views

CVE-2025-61732

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

8.6CVSS7.8AI score0.00472EPSS
Exploits0
CVE
CVE
added 2026/02/05 3:42 a.m.66 views

CVE-2025-61732

CVE-2025-61732 involves a discrepancy in how Go and C/C++ comments are parsed, enabling code smuggling into the resulting cgo binary. Multiple connected sources confirm the issue affects Go/cgo workflows and documents the vulnerability with a CVSSv3.1 base score of 8.6 (HIGH) and local attack vec...

8.6CVSS5.4AI score0.00472EPSS
Exploits0References37Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/05 3:42 a.m.8 views

CVE-2025-61732

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

8.6CVSS5.4AI score0.00472EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.5 views

PT-2026-6533

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

5.5AI score
Exploits0References4
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.9 views

Melon 安全漏洞

Melon is a C-language code library developed by Niklaus Schen. Versions of Melon prior to 9df9292 contained security vulnerabilities. These vulnerabilities stemmed from the lack of a maximum length limit in the HTTP component, which could lead to denial-of-service attacks by consuming memory...

7.5CVSS5.9AI score0.00478EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/01/28 11:11 a.m.167 views

sqlmap-CTT-v3.0-SQL-Injection-Engine-Full-33-layer-fractal-temporal-resonance-implementation-in-C

sqlmap-CTT-v3.0-SQL-Injection-Engine-Full-33-layer-fractal-tem...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.7 views

CPython security vulnerabilities

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities, which stem from the possibility of injecting additional commands through line breaks when user-controlled commands are passed...

5.9CVSS7.1AI score0.00315EPSS
Exploits0References4
OSV
OSV
added 2026/01/09 2:6 p.m.5 views

OESA-2026-1043 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

4CVSS6.7AI score0.00203EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:45 a.m.13 views

CVE-2022-38138

The Triangle Microworks IEC 61850 Library Any client or server using the C language library with a version number of 11.2.0 or earlier and any client or server using the C++, C, or Java language library with a version number of 5.0.1 or earlier and 60870-6 ICCP/TASE.2 Library Any client or server...

7.5CVSS6.8AI score0.00764EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/05 2:27 a.m.169 views

heap-mastery-course

Heap Mastery Course Learn heap vulnerability exploitation t...

6.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/26 12:0 a.m.7 views

Beyond Single Bugs: Benchmarking Large Language Models for Multi-Vulnerability Detection

Large Language Models LLMs have demonstrated significant potential in automated software security, particularly in vulnerability detection. However, existing benchmarks primarily focus on isolated, single-vulnerability samples or function-level classification, failing to reflect the complexity of...

7AI score
Exploits0
Rows per page
Query Builder