799 matches found
Advisory ROSA-SA-2025-2710
Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 packageevrstring: libxml2-2.9.7-18.0.1 CVE-ID: CVE-2021-3518 BDU-ID: 2021-05283 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the xinclude.c component of the Libxml2 library is related to memory usage after it has been freed. Exploitation of th...
CVE-2025-25942
An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released...
CVE-2025-25942
An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released...
OpenBSD OpenSSH 9.5p1 - 9.9p1 DoS Vulnerability
OpenBSD OpenSSH is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-22393
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
PT-2025-6503 · Lexmark · Lexmark Devices
Name of the Vulnerable Software and Affected Versions: Lexmark devices affected versions not specified Description: A heap-based memory issue has been identified in the Postscript interpreter of various Lexmark devices. This issue can be leveraged by an attacker to execute arbitrary code...
CVE-2025-21694
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in readvmcore part 2 Since commit 5cbcb62dddf5 "fs/proc: fix softlockup in readvmcore" the number of softlockups in readvmcore at kdump time have gone down, but they still happen sometimes. In a memory...
PT-2025-7066 · Node.Js +1 · Node.Js +1
Name of the Vulnerable Software and Affected Versions: parse-duraton versions prior to 2.1.3 Description: The issue is related to an event loop delay due to the CPU-bound operation of resolving the provided string, which can range from 0.5ms to 50ms per operation, depending on the size of the inp...
totally-safe-transmute allows transmuting any type to any other type in safe Rust
This crate is a toy and should never be used. It showcases a known soundness issue https://github.com/rust-lang/rust/issues/32670 that will never get fixed. In short, Linux provides a file called /proc/self/mem which can be used by a program to modify its own memory. This library modifies an enum...
Azure Linux 3.0 Security Update: cert-manager / containerized-data-importer / cri-o / dcos-cli / keda / kubernetes (CVE-2024-28180)
The version of cert-manager / containerized-data-importer / cri-o / dcos-cli / keda / kubernetes installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28180 advisory. - Package jose aims to provide an...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49983)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49983 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: drop ppath from...
CVE-2024-43410
Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length,...
CVE-2024-23835
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the...
CVE-2024-32663
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19...
Vulnerability of components fs/ext4/inode.c and fs/ext4/super.c in the Linux operating system’s kernel, which allows a hacker to cause a service failure
The vulnerability in the fs/ext4/inode.c and fs/ext4/super.c components of the Linux operating system’s kernel relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
CVE-2025-24085
A use after free issue was addressed with improved memory management. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been...
CVE-2025-24118
The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory...
USN-7179-4: Linux kernel (Xilinx ZynqMP) vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...
PT-2025-5319 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.3 Description: The issue was addressed with improved memory handling. An app may be able to cause unexpected system termination or corrupt kernel memory. Recommendations: For versions prior to 15.3, update to macOS...
Ubuntu: Security Advisory (USN-7220-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...