11953 matches found
EUVD-2025-206469
A segmentation violation in the flow.columnstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71001
CVE-2025-71001 affects OneFlow v0.9.0 in the flow.column_stack component, where a segmentation fault can be triggered by crafted input to cause a Denial of Service. The vulnerability is documented across multiple sources (NVD/Red Hat/OSV/etc.) with no fixed version provided by the included refere...
CVE-2025-71004
A segmentation violation in the oneflow.logicalor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71001
A segmentation violation in the flow.columnstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71004
CVE-2025-71004 affects OneFlow v0.9.0 in the oneflow.logical_or component, where a segmentation violation can be triggered by crafted input, leading to Denial of Service. Multiple connected sources (NVD, Red Hat, OSV, CVE lists) concur on the same root cause and impact. The documents do not speci...
PT-2026-5209
A segmentation violation in the oneflow.logical or component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
A vulnerability was found in PHP. If a SoapVar instance is created with a fully qualified name larger than 2G, this will cause a NULL pointer dereference resulting in a segmentation fault, leading to a denial of service...
LLM-Assisted Authentication and Fraud Detection
User authentication and fraud detection face growing challenges as digital systems expand and adversaries adopt increasingly sophisticated tactics. Traditional knowledge-based authentication remains rigid, requiring exact word-for-word string matches that fail to accommodate natural human memory...
CVE-2025-59097
The exos 9300 application can be used to configure Access Managers e.g. 92xx, 9230 and 9290. The configuration is done in a graphical user interface on the dormakaba exos server. As soon as the save button is clicked in exos 9300, the whole configuration is sent to the selected Access Manager via...
EUVD-2025-206361
The exos 9300 application can be used to configure Access Managers e.g. 92xx, 9230 and 9290. The configuration is done in a graphical user interface on the dormakaba exos server. As soon as the save button is clicked in exos 9300, the whole configuration is sent to the selected Access Manager via...
OSV-2026-141 Segv on unknown address in yuv2rgb4_X_c
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=478212631 Crash type: Segv on unknown address Crash state: yuv2rgb4Xc packedvscale ffswscale...
Alibaba Cloud Linux 3 : 0012: libpq (ALINUX3-SA-2026:0012)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0012 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-12818: Integer wraparound in multiple...
Dormakaba Access Manager security vulnerabilities
The Dormakaba Access Manager is a smart hardware controller developed by the Dormakaba company in the United States. There are security vulnerabilities associated with the Dormakaba Access Manager. These vulnerabilities stem from the default configuration, where SOAP requests are sent to the Acce...
PT-2026-4747
The exos 9300 application can be used to configure Access Managers e.g. 92xx, 9230 and 9290. The configuration is done in a graphical user interface on the dormakaba exos server. As soon as the save button is clicked in exos 9300, the whole configuration is sent to the selected Access Manager via...
AZL-75204 CVE-2026-24401 affecting package avahi for versions less than 0.8-5
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
AZL-75207 CVE-2026-24401 affecting package avahi for versions less than 0.8-7
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
ALPINE-CVE-2026-24401
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
Avahi security vulnerability
Avahi is a set of open-source local service discovery tools for Linux. Versions of Avahi 0.9rc2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the sending of mDNS responses that included recursive CNAME records, which could lead to segmentation violations and...
OESA-2026-1204 harfbuzz security update
HarfBuzz is a text-shaping engine. If you give HarfBuzz a font and a string containing a sequence of Unicode codepoints, HarfBuzz selects and positions the corresponding glyphs from the font, applying all of the necessary layout rules and font features. HarfBuzz then returns the string to you in...
SUSE-SU-2026:0274-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251787. - CVE-2025-38476: rpl: Fix use-after-free in rpldosrhinline...