
2610 matches found

RedhatCVE
added 2025/05/22 3:44 p.m., 4 views

CVE-2020-9623

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure...

CVSS 7.5, AI score 6.4, EPSS 0.03835
Exploits 0, References 1
OSSF Malicious Packages
added 2025/05/19 3:43 p.m., 5 views

Malicious code in ai-labs-snippets-sdk (PyPI)

Source: kam193 (2d5d4e1e66d1a84969c7af5822efb6e894abc0d263c87f583bf45591d216b85a). During the importing, it loads a file pretending to be an AI model. This file contains pickle-serialized code that exfiltrates data basic IP/username info, as wel...

AI score 7.3
Exploits 0, References 3
OSV
added 2025/05/07 7:11 p.m., 3 views

RLSA-2024:4567 Important: java-11-openjdk security update

The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: RangeCheckElimination array index overflow (8323231) (CVE-2024-21147); OpenJDK: potential UTF8 size overflow (8314794) (CVE-2024-21131); OpenJDK: Excessive...

CVSS 7.4, AI score 6.9, EPSS 0.00977
Exploits 0, References 7
BDU FSTEC
added 2025/05/06 12:0 a.m., 1 view

The vulnerability of the SDK components of AirPlay and CarPlay Communication Plug-in, which allows a perpetrator to cause a service failure.

The vulnerability of the SDK components of AirPlay and CarPlay Communication Plug-in relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 6.5, AI score 8.4, EPSS 0.00135
Exploits 4, References 3, Affected Software 2
CNNVD
added 2025/04/30 12:0 a.m., 1 view

Apple multiple products security vulnerability

Apple FairPlay and others are products of Apple Inc. Apple FairPlay is a core component used to provide media playback capabilities to devices. Apple AirPlay audio SDK is an officially licensed development kit that allows third-party hardware products to integrate the AirPlay audio streaming protoc...

CVSS 6.5, AI score 9.3, EPSS 0.00448
Exploits 1, References 1
Packet Storm News
added 2025/04/29 12:0 a.m., 3 views

VApps: Verifiable Applications at Internet Scale

Blockchain technology promises a decentralized, trustless, and interoperable infrastructure. However, widespread adoption remains hindered by issues such as limited scalability, high transaction costs, and the complexity of maintaining coherent verification logic across different blockchain layer...

AI score 7.4
Exploits 0
RedHat Linux
added 2025/04/17 12:13 a.m., 2 views

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

CVSS 7.4, AI score 5.8, EPSS 0.00206
Exploits 0, References 4
RedHat Linux
added 2025/04/16 8:12 a.m., 2 views

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

CVSS 4.8, AI score 7.4, EPSS 0.00137
Exploits 0, References 5
OSV
added 2025/04/15 9:15 p.m., 2 views

DEBIAN-CVE-2025-30698

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle...

CVSS 5.6, AI score 5.8, EPSS 0.00076
Exploits 0, References 1
Positive Technologies
added 2025/04/15 12:0 a.m., 2 views

PT-2025-19363 · Npm · Aws-Cdk-Lib

Summary: The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. In the CDK, developers organize their applications into reusable components called "constructs," which are...

CVSS 2.2, AI score 7.3
Exploits 0, References 5
Positive Technologies
added 2025/04/07 12:0 a.m., 2 views

PT-2025-15273

Name of the Vulnerable Software and Affected Versions: EDK2 (affected versions not specified). Description: The issue is related to a vulnerability in the HashPeImageByType function, where a user can cause a read out of bounds by sending corrupted data via the network. This could lead to a loss of...

CVSS 9.1, AI score 6.4, EPSS 0.91736
Exploits 3, References 147
RedhatCVE
added 2025/03/23 2:19 p.m., 24 views

CVE-2025-2598

When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the credentials are printed to the console output. To mitigate this issue, users should upgrade to version 2.178....

CVSS 5.7, AI score 7.2, EPSS 0.00071
Exploits 1, References 1
vulnersOsv
added 2025/03/21 5:43 p.m., 3 views

@aws-cdk/integ-runner (>=2.172.0-alpha.0 <=2.178.1-alpha.0), @bifravst/http-api-mock (>=2.1.97 <=2.1.144) +4 more potentially affected by CVE-2025-2598 via aws-cdk (>=2.172.0 <=2.178.1)

aws-cdk NPM version =2.172.0, =2.172.0-alpha.0, =2.1.97, =4.3.190, =3.2.25, =2.172.0, =2.178.1 Source cves: CVE-2025-2598 Source advisory: OSV:GHSA-V63M-X9R9-8GQP...

CVSS 5.7, AI score 5.8, EPSS 0.00071
Exploits 1
CNNVD
added 2025/03/21 12:0 a.m., 1 view

AWS Cloud Development Kit security vulnerability

AWS Cloud Development Kit is an open source software development framework open sourced by Amazon Web Services for defining cloud infrastructure in code and configuring it via AWS CloudFormation. A security vulnerability exists in AWS Cloud Development Kit that stems from credential information...

CVSS 5.7, AI score 6.6, EPSS 0.00071
Exploits 1, References 3
Positive Technologies
added 2025/03/21 12:0 a.m., 3 views

PT-2025-12422

Name of the Vulnerable Software and Affected Versions: AWS CDK CLI versions prior to 2.178.2. Description: The issue arises when the AWS CDK CLI is used with a credential plugin that returns an expiration property with the retrieved AWS credentials, causing the credentials to be printed to the conso...

CVSS 5.7, AI score 6.9, EPSS 0.00071
Exploits 1, References 12
OSV
added 2025/03/14 10:15 p.m., 4 views

AZL-58803 CVE-2025-2295 affecting package edk2 for versions less than 20240524git3e722403cd16-14

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...

CVSS 3.5, AI score 6.6, EPSS 0.00041
Exploits 0, References 1
OSV
added 2025/03/07 3:27 p.m., 6 views

OESA-2025-1251 openjdk-1.8.0 security update

The OpenJDK runtime environment 8. Security Fixes: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4,...

CVSS 4.8, AI score 5.7, EPSS 0.00279
Exploits 0, References 6
CNNVD
added 2025/03/07 12:0 a.m., 2 views

Simplicity SDK security vulnerability

Simplicity SDK is a Simplicity software development kit from Silicon Open Source. A security vulnerability exists in Simplicity SDK that originates from a buffer over-read that occurs when an invalid packet is received...

CVSS 1, AI score 7, EPSS 0.00142
Exploits 0, References 4
OSV
added 2025/02/13 8:34 p.m., 9 views

RLSA-2025:0426 Moderate: java-21-openjdk security update for Rocky Linux 8.10, 9.4 and 9.5

The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Enhance array handling (CVE-2025-21502). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CVSS 4.8, AI score 5.3, EPSS 0.002
Exploits 0, References 1
Tenable Nessus
added 2025/01/24 12:0 a.m., 18 views

Oracle Linux 8 / 9 : java-21-openjdk (ELSA-2025-0426)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0426 advisory. 1:21.0.6.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.6.0.7-1 - Update to jdk-21.0.6+7 GA - Update release notes to 21.0.6+7 - Sync the cop...

CVSS 4.8, AI score 6.6, EPSS 0.002
Exploits 0, References 2