40 matches found
CVE-2026-44660 UltraJSON: Memory Leak in ujson.dump() on Write Failure
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump writes to a file-like object and the write operation raises an exception, the serialized JSON string object is not decremented, leaking memory. Each failed write operatio...
CVE-2026-34540 iccDEV: HBO in icMemDump()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...
EUVD-2026-17705
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...
[SECURITY] Fedora 42 Update: perl-YAML-Syck-1.39-1.fc42
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...
[SECURITY] Fedora 43 Update: perl-YAML-Syck-1.39-1.fc43
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...
[SECURITY] Fedora 44 Update: perl-YAML-Syck-1.39-1.fc44
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...
PT-2026-29388
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...
CVE-2026-1416 GPAC filedump.c DumpMovieInfo null pointer dereference
A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of the file applications/mp4box/filedump.c. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a null pointer dereference to genlinfo in the ethtool eeprom dump function...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989471)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989471 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event With clang's kernel control fl...
[SECURITY] Fedora 42 Update: perl-YAML-Syck-1.36-1.fc42
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...
EUVD-2020-16610
Malware in sbrugna...
EUVD-2022-2003
Malicious code in bioql PyPI...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a delay in thread scheduling in the qed_mcp_trace_dump function, which could lead to a denial of service...
PT-2025-35575
Name of the Vulnerable Software and Affected Versions: rust-ffmpeg versions 0.3.0 and later after commit 5ac0527 Description: A null pointer dereference issue exists in the dump function of rust-ffmpeg. The function does not validate the return value of avfilter_graph_dump for NULL, which can lea...
CVE-2025-8837
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...
UBUNTU-CVE-2025-22104
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of 8 then a read buffe...
CVE-2025-22104 ibmvnic: Use kernel helpers for hex dumps
In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Use kernel helpers for hex dumps Previously, when the driver was printing hex dumps, the buffer was cast to an 8 byte long and printed using string formatters. If the buffer size was not a multiple of 8 then a read buffe...
CVE-2024-54090
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices contain an out-of-bounds read in the memory dump function. This could allow an attacker with Medium (MED) or higher...
PT-2025-2986 · Google · Android
Name of the Vulnerable Software and Affected Versions: sms_Utilities.c (affected versions not specified) Description: The issue is related to a possible out of bounds read in the sms_DisplayHexDumpOfPrivacyBuffer function of sms_Utilities.c due to an incorrect bounds check. This could lead to remot...