1295 matches found
EUVD-2023-41203
Malicious code in bioql PyPI...
EUVD-2021-30532
Malicious code in bioql PyPI...
EUVD-2021-3071
Malicious code in bioql PyPI...
EUVD-2022-30459
Malicious code in bioql PyPI...
EUVD-2025-14831
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-53196
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak. Function dwc3_qcom_probe allocates memory for resource structure which is pointed by parent_res pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent...
CVE-2023-53196 usb: dwc3: qcom: Fix potential memory leak
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak. Function dwc3_qcom_probe allocates memory for resource structure which is pointed by parent_res pointer. This memory is not freed. This leads to memory leak. Use stack memory to prevent...
CVE-2023-53196
CVE-2023-53196 affects the Linux kernel USB subsystem (dwc3 on Qualcomm platforms). The issue was a memory leak in dwc3_qcom_probe(), where allocated memory for the resource structure pointed to by parent_res was not freed. The fix replaces that dynamic allocation with stack-allocated memory to p...
md/raid1: Fix stack memory use after return in raid1_reshape
...
Linux Distros Unpatched Vulnerability : CVE-2019-9578
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device. CVE-2019-9578 Note that...
Linux Distros Unpatched Vulnerability : CVE-2016-4485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain...
Linux Distros Unpatched Vulnerability : CVE-2020-13899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in janus-gateway aka Janus WebRTC Server through 0.10.0. janus_process_incoming_request in janus.c discloses information from uninitialized...
CVE-2012-10057
Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on th...
CVE-2025-53012
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsin...
CVE-2025-53022
TrustedFirmware-M aka Trusted Firmware for M profile Arm CPUs before 2.1.3 and 2.2.x before 2.2.1 lacks length validation during a firmware upgrade. While processing a new image, the Firmware Upgrade (FWU) module does not validate the length field of the Type-Length-Value (TLV) structure for dependen...
PT-2025-31672 · Materialx · Materialx
Name of the Vulnerable Software and Affected Versions: MaterialX version 1.39.2 Description: MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. Nested imports of MaterialX files can lead to a crash due to stack memory...
PT-2025-31436
Name of the Vulnerable Software and Affected Versions: TrustedFirmware-M versions prior to 2.1.3; TrustedFirmware-M versions 2.2.x prior to 2.2.1. Description: TrustedFirmware-M lacks length validation during a firmware upgrade. The Firmware Upgrade (FWU) module does not validate the length field of th...
firefox: thunderbird: JavaScript engine only wrote partial return value to stack
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit platforms, IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, reads the entire 64 bits...