12 matches found
Debusine 后置链接漏洞
Debusine is a software supply management platform for the Debian community, focused on package building, testing, analysis, and distribution. Debusine has a post-installation vulnerability that stems from allowing arbitrary user-controlled paths during the parsing of Debian source packages and th...
USN-8085-1: .NET vulnerabilities
It was discovered that the .NET Microsoft.Bcl.Memory NuGet package did not properly handle certain malformed Base64Url encoded input. An attacker could possibly use this issue to cause .NET to crash, resulting in a denial of service. This issue only affected .NET 9.0 and .NET 10.0. CVE-2026-26127...
uv 安全漏洞
UV is a project management tool developed by Astral. There is a security vulnerability in UV, which allows attackers to execute malicious code during the software package parsing or installation process through a specially crafted ZIP archive...
platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
...
CVE-2025-71101
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...
SUSE CVE-2025-71101
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...
UBUNTU-CVE-2025-71101
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...
CVE-2025-71101 platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...
CVE-2025-71101
CVE-2025-71101 stems from the Linux kernel HP-BIOSCFG driver’s ACPI package parsing: hp_populate_*_elements_from_package() reads multi-element fields (PREREQUISITES, ENUM_POSSIBLE_VALUES) using offsets like enum_obj[elem + reqs] or enum_obj[elem + pos_values], but the bounds check only validated ...
PT-2026-2622
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The hp populate elements from package functions within the hp-bioscfg driver contain out-of-bounds array access issues. These functions parse ACPI packages, and a flaw exists in how arra...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper hfi package parsing logic, which could lead to out-of-bounds access...
[ASA-202107-19] ruby-addressable: denial of service
Arch Linux Security Advisory ASA-202107-19 ========================================== Severity: Medium Date : 2021-07-06 CVE-ID : CVE-2021-32740 Package : ruby-addressable Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2136 Summary ======= The package...