475 matches found
EUVD-2025-203108
A vulnerability was detected in ggml-org whisper.cpp up to 1.8.2. Affected is the function read_audio_data of the file /whisper.cpp/examples/common-whisper.cpp. The manipulation results in use after free. The attack requires a local approach. The exploit is now public and may be used. The project w...
EUVD-2020-20807
Malware in sbrugna...
CVE-2025-53671
creationtimestamp | type | source
---|---|---
2025-07-09 18:39:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ltkhm5rk7i25...
CGA-4394-XHFC-XWV2
Bulletin has no description...
CVE-2024-12143
creationtimestamp | type | source
---|---|---
2025-06-27 19:35:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lsmf5b5apl2m...
CVE-2025-43924
creationtimestamp | type | source
---|---|---
2025-06-03 15:49:40+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpndniq7pj2...
GHSA-8X27-JWJR-8545 SQL injection in ADOdb PostgreSQL driver pg_insert_id() method
Improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. Note that the indicated Severity corresponds to a worst-case usage scenario. Impact: PostgreSQL...
CVE-2022-46807
creationtimestamp | type | source
---|---|---
2024-12-13 14:59:15+00:00 | seen | https://infosec.exchange/users/cve/statuses/113646105718672385...
kaml has potential denial of service while parsing input with anchors and aliases
Impact: Applications that use kaml to parse untrusted input containing anchors and aliases may consume excessive memory and crash. Patches: Version 0.53.0 and later default to refusing to parse YAML documents containing anchors and aliases. Workarounds: None. References: Wikipedia has an explanation ...
`tokio::io::ReadHalf<T>::unsplit` is Unsound
`tokio::io::ReadHalf::unsplit` can violate the `Pin` contract. The soundness issue is described in tokio/issues#5372. The specific set of conditions needed to trigger an issue (a `!Unpin` type in `ReadHalf`) is unusual, combined with the difficulty of making any arbitrary use-after-free exploitable in Rust...
ASB-A-250627529
Bulletin has no description...
GHSA-65MJ-7C86-79JF Authentication Bypass in ADOdb/ADOdb
Impact: An attacker can inject values into a PostgreSQL connection string by providing a parameter surrounded by single quotes. Depending on how the library is used in the client software, this may allow an attacker to bypass the login process, gain access to the server's IP address, etc. Patches...
GHSA-X9R5-JXVQ-4387 jquery.terminal self XSS on user input
Impact: This is a low-impact and limited XSS, because the code for the XSS payload is always visible, but an attacker can use other techniques to hide the code the victim sees. Also, if the application uses the execHash option and executes code from the URL, the attacker can use this URL to execute his code. The scope is...
envoy/h1_capture_direct_response_fuzz_test: Crash in Envoy::TestUtility::findCounter
Detailed report: https://oss-fuzz.com/testcase?key=5756178220449792 Project: envoy Fuzzer: libFuzzer_envoy_h1_capture_direct_response_fuzz_test Fuzz target binary: h1_capture_direct_response_fuzz_test Job Type: libfuzzer_asan_envoy Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x7f55425a59b0 Crash...
llvm/clang-fuzzer: Stack-buffer-overflow in clang::expandUCNs
Project: https://github.com/llvm/llvm-project.git Detailed report: https://oss-fuzz.com/testcase?key=5041559499177984 Project: llvm Fuzzer: libFuzzer_llvm_clang-fuzzer Fuzz target binary: clang-fuzzer Job Type: libfuzzer_asan_llvm Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash...