ROS-20250818-06
A vulnerability in the fs/hfs.c file of the hfs component of the Grub2 operating system boot loader is related to writing beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the current user using a speciall...
Linux Distros Unpatched Vulnerability : CVE-2019-19777
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. CVE-2019-19777 Note that...
GHSA-V6CF-MV9H-C8MC Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...
Bouncy Castle for Java Uncontrolled Resource Consumption Vulnerability
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...
CVE-2025-9092
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via org.Bouncycastle.Crypto.Fips.NativeLoader. An attacker can cause excessive resource allocation by deploying hybrid modules in multi-JVM environments, potentially leading to resour...
CVE-2025-9092 Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...
CVE-2025-9092
CVE-2025-9092 is an Uncontrolled Resource Consumption issue affecting Bouncy Castle for Java – BC-FJA 2.1.0 bc-fips (API modules), with the vulnerable component identified as org.Bouncycastle.Crypto.Fips.NativeLoader. Public sources (NVD/IBM bulletin) confirm the affected delivery from BC-FJA 2.1...
Bouncy Castle Java Security Vulnerability
Bouncy Castle Java is a cryptographic algorithm program open-sourced by Legion of the Bouncy Castle Inc. A security vulnerability exists in Bouncy Castle Java version 2.1.0, which stems from a resource over-allocation issue in the org.Bouncycastle.Crypto.Fips.NativeLoader file...
PT-2025-33545 · Unknown · Bouncy Castle For Java - Bc-Fja
Name of the Vulnerable Software and Affected Versions: Bouncy Castle for Java - BC-FJA versions 2.1.0 through 2.1.0 Description: An uncontrolled resource consumption issue exists in Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules that allows excessive allocation. The issue is associated...
Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools
A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talo...
UAT-7237 targets Taiwanese web hosting infrastructure
Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918. UAT-7237 conducted a recent intrusion targeting web infrastructure entities within Taiwan and relies heavily on the use of open-source...
Malicious code in meteor-fomalhaut-izar-sass-loader (npm)
The package meteor-fomalhaut-izar-sass-loader was found to contain malicious code...
Malicious code in ichnology-less-loader-eigenstate-asthenosphere (npm)
The package ichnology-less-loader-eigenstate-asthenosphere was found to contain malicious code...
Malicious code in metalsmith-grus-less-loader-gridsome (npm)
The package metalsmith-grus-less-loader-gridsome was found to contain malicious code...
Malicious code in sublimation-radiant-less-loader-ablation (npm)
The package sublimation-radiant-less-loader-ablation was found to contain malicious code...
Malicious code in altair-helios-start-sass-loader (npm)
The package altair-helios-start-sass-loader was found to contain malicious code...
Malicious code in sass-loader-jupiter-coronalmassejection-filament (npm)
The package sass-loader-jupiter-coronalmassejection-filament was found to contain malicious code...
Malicious code in com.unity.xrtools.module-loader (npm)
The package com.unity.xrtools.module-loader was found to contain malicious code...