560 matches found
CVE-2025-52581
An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2233: The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability. August 25, 2025. CVE Number: CVE-2025-52581. Summary: An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project...
Linux Distros Unpatched Vulnerability : CVE-2018-15671
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5Pgetcb in H5Pint.c during an attempted...
Linux Distros Unpatched Vulnerability : CVE-2018-17436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ReadCode in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This...
Linux Distros Unpatched Vulnerability : CVE-2023-26819
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as a: true, b:...
Malicious code in @zalastax/nolb-json-x (npm)
The package @zalastax/nolb-json-x was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2025-2924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. T...
Linux Distros Unpatched Vulnerability : CVE-2025-2912
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file...
Linux Distros Unpatched Vulnerability : CVE-2025-2914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The...
Repairing Vulnerabilities without Invisible Hands. A Differentiated Replication Study on LLMs
Background: Automated Vulnerability Repair (AVR) is a fast-growing branch of program repair. Recent studies show that large language models (LLMs) outperform traditional techniques, extending their success beyond code generation and fault detection. Hypothesis: These gains may be driven by hidden...
GHSA-XWMG-2G98-W7V9 Nimbus JOSE + JWT is vulnerable to DoS attacks when processing deeply nested JSON
Connect2id Nimbus JOSE + JWT before 10.0.2 allows a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set, because of uncontrolled recursion. NOTE: this is independent of the Gson 2.11.0 issue because the Connect2id product could have checked the...
SUSE CVE-2025-6818
A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5Ochunkprotect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may ...
Uncontrolled Recursion
Overview: llama-index-core is an interface between LLMs and your data. Affected versions of this package are vulnerable to Uncontrolled Recursion via the JSONReader process. An attacker can cause the application to crash by submitting deeply nested JSON structures, resulting in a stack overflow and...
DEBIAN-CVE-2025-7069
A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...
AZL-65208 CVE-2025-7067 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FSsinfoserializenodecb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed ...
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the H5FSsinfoserializenodecb function. An attacker can cause a denial of service by triggering a heap-based buffer overflow through local access. Remediation: A fix was pushed into the master branch but not...
HDF5 security vulnerability
HDF5 is an open source library from HDF. HDF5 version 1.14.6 has a buffer overflow vulnerability. The vulnerability stems from the function H5FSsectlinksize in the file src/H5FSsection.c failing to correctly validate the length of the input data. A remote attacker can use this vulnerability on...
HDF5 security vulnerability
HDF5 is an open source library from HDF. HDF5 version 1.14.6 has a buffer overflow vulnerability. The vulnerability stems from the function H5FSsinfoserializenodecb in the file src/H5FScache.c failing to correctly validate the length of the input data, which a remote attacker can use to...
SUSE CVE-2025-6856
A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FLreggclist of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...