35 matches found
PT-2025-53109
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a memory leak in the erofs filesystem related to pcluster objects. Specifically, the issue occurs when a pcluster is registered with a zero block address, which...
PT-2025-26958 · Rt-Thread · Rt-Thread
Name of the Vulnerable Software and Affected Versions: RT-Thread versions up to 5.1.0 Description: A critical vulnerability was found in RT-Thread, affecting the functions sys device open, sys device read, sys device control, sys device init, sys device close, and sys device write of the file...
CVE-2019-9693
In CMS Made Simple CMSMS before 2.2.10, an authenticated user can achieve SQL Injection in class.showtime2data.php via the functions updateshow parameter showid, inputshow parameter showid, Getshowinfo parameter showid, Getpictureinfo parameter pictureid, AdjustNameSeq parameter shownumber,...
PT-2025-28638 · Git +1 · Tarantool
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software contains a stack-buffer-overflow write issue. The crash state involves the functions snap usedef, lj snap purge, and lj record ins...
PT-2025-27561 · Git +1 · Tarantool
Name of the Vulnerable Software and Affected Versions: Lua affected versions not specified Description: The Lua interpreter suffers from a heap-use-after-free issue. The crash state indicates the issue occurs within the lj strfmt pushvf, lua pushfstring, and luaL loadfilex functions...
pared Vulnerable to Use After Free in `Parc` and `Prc` Due to Missing Lifetime Constraints
Affected versions of this crate didn't provide sufficient lifetime constraints to conversion functions from alloc::sync::Arc and alloc::rc::Rc, which made it possible to create projections of these reference counted pointers. Unlike the original reference counted pointers, these projections could...
RUSTSEC-2025-0016 Use after free in `Parc` and `Prc` due to missing lifetime constraints
Affected versions of this crate didn't provide sufficient lifetime constraints to conversion functions from alloc::sync::Arc and alloc::rc::Rc, which made it possible to create projections of these reference counted pointers. Unlike the original reference counted pointers, these projections could...
PT-2025-3459 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 mp42avc version 3bdc891602d19789b8e8626e4a3e613a937b4d35 Description: The issue is a buffer overflow vulnerability that allows a local attacker to execute arbitrary code via the AP4 File::ParseStream and related functions. This...
PT-2024-24182 · Rizin · Rizin
Name of the Vulnerable Software and Affected Versions: rizin versions prior to v0.6.3 Description: The issue is related to Uncontrolled Resource Consumption. It affects the bin pe parse imports, Pe r bin pe parse var, and estimate slide functions. There is no information provided about the...
PT-2023-35618 · Git +1 · Libxaac
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Global-buffer-overflow READ 4. The crash state involves several functions, including iaace estimate sc...
PT-2023-35608 · Git +1 · Libavc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow crash. Technical details about the crash include the functions isvcd populate res prms, isvcd parse...
PT-2023-35589 · Php · Php
Name of the Vulnerable Software and Affected Versions: PHP affected versions not specified Description: The issue is related to a crash type of UNKNOWN WRITE. The crash state involves several functions, including php strip url passwd, php message handler for zend, and zend message dispatcher...
PT-2023-36001 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions: bit chain alloc size, bit write RC, and bit ...
PT-2023-35990 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue has been identified, potentially causing a crash. The crash involves the functions dxf fixup string, dxf header write,...
PT-2023-35952 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions: reset context, finish metric, and cmt decode...
PT-2023-35884 · Uofs · Uofs
Name of the Vulnerable Software and Affected Versions: uofs affected versions not specified Description: The issue is related to a heap-buffer-overflow read, which occurs in the uofs component. Specifically, the crash happens in the pdfi find cff index and pdfi read cff font functions...
PT-2023-35800 · Git +1 · Clamav
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves several functions: cli html normalise, html normalise map, and cli scanhtm...
PT-2023-35781 · Git +1 · Ruby
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Use-after-poison READ 8. The crash state involves several function calls, including str new frozen...
PT-2023-35758 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Global-buffer-overflow READ 8. The crash state involves several functions: dwg codepage dxfstr, dxf...
PT-2023-35740 · Git +1 · Wireshark
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash. Technical details include a crash type of Stack-buffer-overflow WRITE 4. The crash state involves...