92 matches found
UBUNTU-CVE-2025-15284
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2025-60686
ToToLink routers (A720R V4.1.5cu.614_B20230630; LR1200GB V9.1.0u.6619_B20230130; NR1800X V9.1.0u.6681_B20230703) contain a local stack-based buffer overflow in infostat.cgi and cstecgi.cgi. Both binaries parse /proc/net/arp using sscanf() with the %s specifier into fixed-size stack buffers withou...
rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters
An unsafe default behavior in Rack::QueryParser allows bypass of the paramslimit parameter count restriction when query string parameters are delimited by semicolons ; rather than ampersands &. The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, ...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the jsbigintfromstring function when parsing strings with an excessively large number of digits. An attacker can cause a heap out-of-bounds write by supplying a crafted string input that triggers an...
CVE-2025-62496 Integer overflow in js_bigint_from_string in QuickJS
A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...
EUVD-2016-10657
Malware in sbrugna...
EUVD-2010-4622
Malware in sbrugna...
EUVD-2000-0794
Malware in sbrugna...
EUVD-2015-3324
Malware in sbrugna...
EUVD-2023-2608
Malicious code in bioql PyPI...
EUVD-2025-15914
Malicious code in bioql PyPI...
Use of Externally-Controlled Format String
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Use of Externally-Controlled Format String
Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
DEBIAN-CVE-2025-37927
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...
CVE-2025-37927
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...
UBUNTU-CVE-2025-37927
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...
CVE-2025-37927 iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...
CVE-2025-37927 iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential buffer overflow in parseivrsacpihid There is a string parsing logic error which can lead to an overflow of hid or uid buffers. Comparing ACPIIDLEN against a total string length doesn't take into account t...
CVE-2025-37927
CVE-2025-37927 affects the Linux kernel’s iommu/amd subsystem (parse_ivrs_acpihid). A string parsing logic error could cause a buffer overflow in HID or UID buffers when combining strings, because ACPIID_LEN is compared to the total length rather than the lengths of the individual HID and UID buf...