6015 matches found
CVE-2025-4516 Use-after-free in "unicode_escape" decoder with error handler
There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in ...
CVE-2025-4516 Use-after-free in "unicode_escape" decoder with error handler
There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in ...
cpython -- Use-after-free in "unicode_escape" decoder with error handler
[email protected] reports: There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap t...
CLSA-2025-1747251120 buildah: Fix of 2 CVEs
Rebuild with new golang version to address the following CVEs: - CVE-2023-45287: Timing Side Channel attack in RSA based TLS key exchanges - CVE-2024-34156: panic due to stack exhaustion for Decoder.Decode...
Alibaba Cloud Linux 3 : 0061: poppler (ALINUX3-SA-2023:0061)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0061 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-38784: Poppler prior to and including...
xz: XZ has a heap-use-after-free bug in threaded .xz decoder
A flaw was found in the XZ Utils library. In affected versions, the multithreaded .xz decoder in liblzma has a bug where invalid input can trigger a heap use-after-free condition, allowing writes to an address based on the null pointer plus an offset. This issue may result in a crash or other...
gstreamer1-plugins-good: insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences
A flaw was found in the GStreamer library. Insufficient error handling in the JPEG decoder can lead to NULL-pointer dereferences and cause crashes for certain input files, making it possible for a malicious actor to trigger a crash of the application...
SUSE CVE-2022-49895
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
CVE-2022-49895
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
DEBIAN-CVE-2022-49895
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
UBUNTU-CVE-2022-49895
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
CVE-2022-49895
CVE-2022-49895 concerns the Linux kernel fix for a NULL pointer dereference in the cxl/region path. When an intermediate port’s decoders are exhausted and a new region is added in its hierarchical path, cxl_port_attach_region() may fail to find a port decoder and fall through to cleanup. During t...
CVE-2022-49895 cxl/region: Fix decoder allocation crash
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
CVE-2022-49895
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
CVE-2022-49895 cxl/region: Fix decoder allocation crash
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
CVE-2022-49895 cxl/region: Fix decoder allocation crash
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...
CVE-2022-49887 media: meson: vdec: fix possible refcount leak in vdec_probe()
In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdecprobe v4l2deviceunregister need to be called to put the refcount got by v4l2deviceregister when vdecprobe fails or vdecremove is called...
PT-2025-18612 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the cxl/region component. The issue occurs when an intermediate port's decoders are exhausted by existing regions, and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a null pointer dereference vulnerability that stems from not verifying the validity of a decoder, which could lead to a null pointer dereference. An...
PT-2025-18320 · Base-X · Base-X
Name of the Vulnerable Software and Affected Versions: base-x versions prior to 3.0.11 base-x version 4.0.0 base-x version 5.0.0 Description: The issue allows attackers to potentially deceive users into sending funds to an unintended address. This is achieved through a problem in the base-x encod...