796 matches found
CVE-2025-32911
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32907
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a fu...
CVE-2025-32381
XGrammar (open-source library for structured generation) has a DoS in-memory cache vulnerability. Before version 0.1.18, an unbounded in-memory cache of compiled grammars can be filled by many unique inputs (e.g., numerous JSON schemas), exhausting host memory and causing denial of service. The i...
CVE-2025-27534
in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory...
CVE-2023-52998
In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing rx buffers The pagepoolreleasepage was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...
CVE-2023-52998 net: fec: Use page_pool_put_full_page when freeing rx buffers
In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing rx buffers The pagepoolreleasepage was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...
CVE-2022-49754
CVE-2022-49754: Linux kernel Bluetooth mgmt_mesh_add() contains a buffer overflow risk in mgmt_util.c. Smatch indicates mesh_tx->param is 48 bytes while the destination can reach 50 bytes; caller rejects only when len > 50, creating a potential overflow window. Multiple connected sources co...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing bsc1239197 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
USN-7367-1 zvbi vulnerabilities
It was discovered that zvbi incorrectly handled memory when processing user input. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
CVE-2024-7771
A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...
firefox: JIT corruption of WASM i32 return values on 64-bit CPUs
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...
SmallRye Fault Tolerance out-of-memory (OOM) issue
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory OOM issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service DoS issue...
CVE-2025-2240
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory OOM issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service DoS issue...
CVE-2025-2240 Smallrye-fault-tolerance: smallrye fault tolerance
A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory OOM issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service DoS issue...
CVE-2025-2240
CVE-2025-2240 is a Smallrye fault-tolerance OOM/DoS issue triggered by the metrics endpoint: each call allocates a new object in meterMap, potentially exhausting memory and causing DoS. Connected advisories confirm a fix is available in updated SmallRye Fault Tolerance core; remediation is to upg...
USN-7299-3 xorg-server, xwayland regression
USN-7299-2 fix vulnerabilities in X.Org X Server. This fix caused regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update reverts it pending further investigation. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations...
Advisory ROSA-SA-2025-2757
Software: rsync 3.1.2 OS: rosa-server79 packageevrstring: rsync-3.1.2-12.0.2.res7 CVE-ID: CVE-2024-12085 BDU-ID: 2025-00376 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the rsyncd daemon of the Rsync file transfer and synchronization utility is related to an operation exceeding buffer boundaries ...
ROS-20250307-03
A vulnerability in the Extensions component of Google Chrome and Microsoft Edge browser exists due to failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow an attacker, acting remotely, to escalate privileges using a specially crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2024-57793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possib...
Linux Distros Unpatched Vulnerability : CVE-2025-21778
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Do not allow mmap of persistent ring buffer When trying to mmap a trace instance...