59 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
SUSE CVE-2025-68346
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
EUVD-2025-205108
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
CVE-2025-68346
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
CVE-2025-68346
The CVE-2025-68346 vulnerability affects the Linux kernel ALSA: dice driver. The root cause is a missing validation of stream_count read from a FireWire device in detect_stream_formats(), which can allow out-of-bounds writes if stream_count exceeds MAX_STREAMS. The fix adds the same validation to...
CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()
In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...
Linux Distros Unpatched Vulnerability : CVE-2025-68346
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without...
PT-2025-52882
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The detect stream formats function in the ALSA driver for Digital Interface Communication Engine dice devices does not validate the stream count value received from a FireWire device. A...
EUVD-2022-35486
Malicious code in bioql PyPI...
EUVD-2024-32262
Malicious code in bioql PyPI...
Malicious code in dice-dream-free-rolls (npm)
The package dice-dream-free-rolls was found to contain malicious code...
MAL-2025-18443 Malicious code in dice-dream-millions-win (npm)
The package dice-dream-millions-win was found to contain malicious code...
Malicious code in dice-dream-millions-win (npm)
The package dice-dream-millions-win was found to contain malicious code...
MAL-2025-18442 Malicious code in dice-dream-free-rolls (npm)
The package dice-dream-free-rolls was found to contain malicious code...
CVE-2024-3687
A vulnerability was found in bihell Dice 3.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public an...
CVE-2022-32413
An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code via a crafted file...
Internet Computer Protocol Launches Walletless Verified Credentials for Public Trust
Internet Computer Protocol ICP introduces Verified Credentials VCs, a walletless solution enhancing data sharing privacy. Unveiled at DICE 2024, VCs help combat bots and fake accounts on social media, ensuring secure and efficient verification...
CVE-2024-3687
A vulnerability was found in bihell Dice 3.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public an...
CVE-2024-3687 bihell Dice Comment cross site scripting
A vulnerability was found in bihell Dice 3.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public an...