11953 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992840)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992840 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some...
EUVD-2025-205846
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getSpan function's memory size check in MemoryInstance, where a multiplication operation can wrap, causing checkAccessBound to incorrectly allow access. An attacker can cause a segmentation fault b...
CVE-2025-69261
WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...
CVE-2025-50343
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...
CVE-2025-69261
WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...
UBUNTU-CVE-2025-69261
WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...
UBUNTU-CVE-2025-50343
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...
CVE-2025-69261 WasmEdge integer wrap in MemoryInstance::getSpan()'s memory size check
WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...
CVE-2025-69261
Summary: CVE-2025-69261 affects WasmEdge, a WebAssembly runtime. Prior to 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound() to incorrectly permit access and may trigger a segmentation fault. A patch is included in 0.16.0-alpha.3. R...
CVE-2022-50879
In the Linux kernel, the following vulnerability has been resolved: objtool: Fix SEGFAULT findinsn will return NULL in case of failure. Check insn in order to avoid a kernel Oops for NULL pointer dereference...
CVE-2025-50343
CVE-2025-50343 affects libmatio (MAT-file I/O library). A heap-based memory corruption can occur in Mat_VarCreateStruct() when nfields does not match the actual number of strings in the fields array, causing out-of-bounds reads and invalid memory frees during cleanup, potentially leading to a seg...
WasmEdge 输入验证错误漏洞
WasmEdge is a WebAssembly runtime open-sourced by WasmEdge Runtime. An input validation error vulnerability exists in WasmEdge versions prior to 0.16.0-alpha.3, which stems from a multiplication operation resulting in a wrap-around error that could trigger a segmentation violation...
MATIO 安全漏洞
MATIO is an open source C language library for reading and writing binary MATLAB MAT files by tbeu individual developers. A security vulnerability exists in MATIO version 1.5.28, which stems from a mismatch between the value of nfields in the MatVarCreateStruct function and the actual number of...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992645 advisory. In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before...
SecureBank: A Financially-Aware Zero Trust Architecture for High-Assurance Banking Systems
Financial institutions increasingly rely on distributed architectures, open banking APIs, cloud native infrastructures, and high frequency digital transactions. These transformations expand the attack surface and expose limitations in traditional perimeter based security models. While Zero Trust...
CVE-2025-14180
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
AZL-73234 CVE-2025-14180 affecting package php for versions less than 8.1.34-1
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
CVE-2025-14180 NULL Pointer Dereference in PDO quoting
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
CVE-2025-14180 NULL Pointer Dereference in PDO quoting
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...