UBUNTU-CVE-2025-52581

An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-52581

CVE-2025-52581 describes an integer overflow in the GDF parsing functionality of The Biosig Project’s libbiosig 3.9.0 and Master Branch (commit 35a819fa). A specially crafted GDF file can trigger code execution on vulnerable systems. The vulnerability affects the GDF parsing path within libbiosig...

CVE-2025-52581

An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-52581

An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2233 The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52581 SUMMARY An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project...

Linux Distros Unpatched Vulnerability : CVE-2014-6262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execut...

Authorization Bypass in MLflow Basic Auth (unprotected Flask/GraphQL routes)

This report is not public...

IPIGuard: a Novel Tool Dependency Graph-Based Defense against Indirect Prompt Injection in LLM Agents

Large language model LLM agents are widely deployed in real-world applications, where they leverage tools to retrieve and manipulate external data for complex tasks. However, when interacting with untrusted data sources e.g., fetching information from public websites, tool responses may contain...

CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38607

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...

UBUNTU-CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

UBUNTU-CVE-2025-38607

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...

CVE-2025-38614

The CVE-2025-38614 entry describes a Linux kernel vulnerability in eventpoll where recursion depth in ep_loop_check_proc() could form deep trees and trigger semi-unbounded recursion. The root cause involved two shortcomings: (1) the depth checks did not consider upward paths, and (2) multiple dow...

CVE-2025-38614 eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38614

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

CVE-2025-38607

CVE-2025-38607 relates to the Linux kernel BPF_JSET conditional jump; verifier.c:can_jump() could miscompute live registers and SCC during CFG analysis, potentially affecting correctness of analysis. The issue was resolved by handling jset jumps in CFG computation. Affected component: BPF/JSET ha...

CVE-2025-38607

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the bpf module not treating jset as a jump in CFG calculations...

PT-2025-33812

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the eventpoll subsystem that could allow for semi-unbounded recursion. The issue stems from insufficient depth checks when creating graph edges...

PT-2025-33805 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where the BPF JSET conditional jump is not correctly handled during control flow graph CFG computation. This can lead to incorrect live register and...