EUVD-2018-16942

Malware in sbrugna...

EUVD-2020-7668

Malware in sbrugna...

EUVD-2017-14700

Malware in sbrugna...

EUVD-2019-19181

Malware in sbrugna...

EUVD-2022-48278

Malicious code in bioql PyPI...

EUVD-2021-31331

Malicious code in bioql PyPI...

GHSA-7QW8-3VMF-GJ32 MaterialX Null Pointer Dereference in MaterialXCore Shader Generation due to Unchecked implGraphOutput

Summary When parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. Details In source/MaterialXCore/Material.cpp, the following code extracts the output nodes for a given implementation graph: cpp...

The vulnerability of Fortinet FortiOS operating systems, related to integer overflows, allows attackers to cause crashes in the csfd daemon.

The vulnerability of Fortinet FortiOS operating systems is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to trigger a crash of the csfd daemon through a specially crafted request...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

CVE-2024-1402

Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the post and to...

CVE-2023-37034

A Null pointer dereference vulnerability in the Mobile Management Entity MME in Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows network-adjacent attackers to crash the MME via an S1AP Initial UE Message packet missing an expected TAI field...

CVE-2019-6529

An attacker could specially craft an FTP request that could crash the PR100088 Modbus gateway versions prior to release R02 or Software Version 1.1.13166...

Node.js 20.x < 20.19.2 / 22.x < 22.15.1 / 22.x < 22.15.1 / 23.x < 23.11.1 / 24.x < 24.0.2 Multiple Vulnerabilities (Wednesday, May 14, 2025 Security Releases).

The version of Node.js installed on the remote host is prior to 20.19.2, 22.15.1, 22.15.1, 23.11.1, 24.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the Wednesday, May 14, 2025 Security Releases advisory. - In Node.js, the ReadFileUtf8 internal binding leaks memory...

CVE-2025-43972

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the headerpaxextension function. An attacker can cause a system crash by providing a specially crafted TAR archive. Remediation Upgrade libarchive to version 3.8.1 or higher. References - GitHub Issue - GitH...

Linux Distros Unpatched Vulnerability : CVE-2017-5459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR...

CVE-2025-21713

CVE-2025-21713 affects the PowerPC/ pSeries IOMMU path in the Linux kernel. The issue occurs when reusing the same vfio container across different IOMMU groups, where spapr_tce_set_window() may lead to cleanup that dereferences a null or invalid tbl, causing a kernel crash (NULL pointer dereferen...

D-Link DAP-1320 安全漏洞

The D-Link DAP-1320 is a wireless signal extender from China-based AUO D-Link. The D-Link DAP-1320 suffers from a stack buffer overflow vulnerability that originates from the function setwsaction in the file /dws/api/. An attacker can exploit this vulnerability to cause a program crash or even...

firefox: thunderbird: Use-after-free in Custom Highlight

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02307)

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in Oracle MySQL's MySQL Server. An attacker can exploit this vulnerability to cause MySQL Server to hang or crash...