143 matches found
OESA-2025-1779 nbdkit security update
NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...
OESA-2025-1778 nbdkit security update
NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...
OESA-2025-1777 nbdkit security update
NBD Network Block Device is a protocol for accessing Block Devices hard disks and disk-like things over a Network. nbdkit is a toolkit for creating NBD servers. The key features are: Multithreaded NBD server written in C with good performance. Minimal dependencies for the basic server. Liberal...
AZL-63878 CVE-2025-47711 affecting package nbdkit for versions less than 1.35.3-4
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
CVE-2025-47711
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
CVE-2025-47712
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service...
AZL-63801 CVE-2025-47711 affecting package nbdkit for versions less than 1.35.3-7
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
AZL-63875 CVE-2025-47712 affecting package nbdkit for versions less than 1.35.3-4
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service...
DEBIAN-CVE-2025-47711
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
PT-2025-50084
Name of the Vulnerable Software and Affected Versions Qualcomm embedded platform firmware affected versions not specified Description A flaw exists in the Qualcomm embedded platform firmware related to an integer overflow. Exploitation may allow an attacker to cause a denial-of-service condition...
Cutting through Privacy: a Hyperplane-Based Data Reconstruction Attack in Federated Learning
Federated Learning FL enables collaborative training of machine learning models across distributed clients without sharing raw data, ostensibly preserving data privacy. Nevertheless, recent studies have revealed critical vulnerabilities in FL, showing that a malicious central server can manipulat...
SUSE CVE-2025-47711
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
SUSE CVE-2025-1386
When using the ch-go library, under a specific condition when the query includes a large, uncompressed malicious external data, it is possible for an attacker in control of such data to smuggle another query packet into the connection stream...
Missing Release of Memory after Effective Lifetime
Overview org.infinispan:infinispan-server-rest is an Infinispan Rest Server. Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime via the REST compare API. A user can trigger an OutOfMemoryError by sending many requests with large 1 MiB POST data ...
CVE-2024-10650
An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...
Excessive Data Query Operations in a Large Data Table
Overview aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Excessive Data Query Operations in a Large Data Table through the tracking and simultaneous querying of a large number of Text objects via the web API. An attacker ca...
CVE-2024-10650
An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...
CVE-2024-10650 Denial of Service (DoS) in gaizhenbiao/chuanhuchatgpt
An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...
CVE-2024-10650 Denial of Service (DoS) in gaizhenbiao/chuanhuchatgpt
An unauthenticated Denial of Service DoS vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. Although a patch was applied for CVE-2024-7807, the issue can still be exploited by sending data in groups...
CVE-2025-29910
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A memory leak vulnerability was identified in the...