CVE-2025-31115 XZ has a heap-use-after-free bug in threaded .xz decoder

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

CVE-2025-31115

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

CVE-2025-31115 XZ has a heap-use-after-free bug in threaded .xz decoder

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

UBUNTU-CVE-2025-31115

XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...

glibc bug fix update

An update is available for glibc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librarie...

XZ Utils 安全漏洞

XZ Utils is an open source utility program by Tukaani. A security vulnerability exists in XZ Utils versions 5.3.3alpha through 5.8.0, which stems from a flaw in the multithreaded .xz decoder that could lead to a crash and reuse after release...

PT-2025-14778

Name of the Vulnerable Software and Affected Versions XZ Utils versions 5.3.3alpha through 5.8.0 Description The multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on the null...

CVE-2023-52930

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential bit17 double-free A userspace with multiple threads racing I915GEMSETTILING to set the tiling to I915TILINGNONE could trigger a double free of the bit17 bitmask. Or conversely leak memory on the transition...

Linux Distros Unpatched Vulnerability : CVE-2016-8605

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could en...

Exploit for Code Injection in Craftcms Craft_Cms

CVE-2024-56145: Craft CMS Exploitation Tool 🚨 This tool is de...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the net component where sk-skforwardalloc is unlocked during a multi-threaded call to...

PYSEC-2024-311

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

UBUNTU-CVE-2024-47813

Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a wasmtime::Engine's internal type registry was susceptible to double-unregistration bugs due to a race condition, leading to panics and potentially type registry corruption. That registry corruption...

CentOS 7 : kernel-alt (RHSA-2020:0174)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0174 advisory. - In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket...

Exploit for Out-of-bounds Write in Mikrotik Routeros

cve-2023-30800-multithread-doser Multithredded DoS Python Scri...

SUSE CVE-2024-43889

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padatamthelper We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. 10.017908 Oops: divide error: 0000 1 PREEMPT SMP NOPTI 10.017908 CPU: 26 PID: 2627...

DEBIAN-CVE-2024-43889

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padatamthelper We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. 10.017908 Oops: divide error: 0000 1 PREEMPT SMP NOPTI 10.017908 CPU: 26 PID: 2627...

AZL-48293 CVE-2024-43889 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: padata: Fix possible divide-by-0 panic in padatamthelper We are hit with a not easily reproducible divide-by-0 panic in padata.c at bootup time. 10.017908 Oops: divide error: 0000 1 PREEMPT SMP NOPTI 10.017908 CPU: 26 PID: 2627...

[SECURITY] Fedora 39 Update: libnbd-1.18.5-1.fc39

NBD =E2=80=94 Network Block Device =E2=80=94 is a protocol for accessing Bloc k Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and asynchronous APIs, both for ease of...

Veritas Technologies Veritas NetBackup 安全漏洞

Veritas Technologies Veritas NetBackup is a powerful enterprise-class data backup management software from Veritas Technologies, USA. A security vulnerability exists in Veritas Technologies Veritas NetBackup versions prior to 10.4, which originates from the ability to perform arbitrary file...