16 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper cleanup in error paths within resource extraction and scanning processes. An attacker can degrade system availability by causing resource leaks and exhausting file...
Allocation of Resources Without Limits or Throttling
Overview github.com/hashicorp/vault/command is a tool for secrets management, encryption as a service, and privileged access management. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when processing JSON payloads before applying rate...
Authentication Bypass Using an Alternate Path or Channel
Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the AWS Auth method. An attacker can gain unauthorized access by exploiting mishandling of cache entries when the configured bound_principal_iam role is identical across AWS...
SUSE CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
DEBIAN-CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
UBUNTU-CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
CVE-2025-9136 libretro RetroArch file_stream.c filestream_vscanf out-of-bounds
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
CVE-2025-9136
CVE-2025-9136 affects libretro RetroArch 1.18.0/1.19.0/1.20.0. The flaw is in filestream_vscanf of libretro-common/streams/file_stream.c, causing an out-of-bounds read. The CVE describes a local attacker exploit and recommends upgrading to 1.21.0. Fedora advisories linked here show updates to 1.2...
CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
PT-2025-5568 · Unknown +1 · Kubewarden-Controller +1
Name of the Vulnerable Software and Affected Versions: kubewarden-controller versions 1.17.0 through 1.20.x Description: The issue allows an attacker to obtain information about resources that are out of their reach by leveraging a higher access to the cluster granted to the ServiceAccount token...
PT-2024-1773 · Intel · Ispc
Name of the Vulnerable Software and Affected Versions: Intel(R) ISPC software versions prior to 1.21.0 Description: The issue is related to an uncontrolled search path element in the Implicit SPMD Program Compiler (ISPC) software. This could potentially allow an authenticated user to escalate their...
PT-2023-10637 · Cksurf · Cksurf
Name of the Vulnerable Software and Affected Versions: nikooo777 ckSurf versions 1.19.2 and earlier Description: A vulnerability was found in the function SpecListMenuDead of the file csgo/addons/sourcemod/scripting/ckSurf/misc.sp of the component Spectator List Name Handler. The manipulation of...
PT-2020-6649
Name of the Vulnerable Software and Affected Versions: NGINX versions prior to 1.17.7 Description: The issue is related to HTTP request smuggling in NGINX, which can be exploited by an attacker to read unauthorized web pages, particularly in environments where NGINX is fronted by a load balancer...