35 matches found
CVE-2025-36920
In hypalloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
null pointer dereference vulnerability in mrubyc 3.4
A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbcrawrealloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is...
EUVD-2021-20156
Malware in sbrugna...
EUVD-2021-20154
Malware in sbrugna...
EUVD-2021-32939
Malicious code in bioql PyPI...
HTACG tidy-html5 alloc.c defaultAlloc memory leak
...
Linux Distros Unpatched Vulnerability : CVE-2021-33450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasmcalloc in nasmlib/alloc.c. CVE-2021-33450 Note that Nessus relies on the presence...
DEBIAN-CVE-2025-6498
A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...
UBUNTU-CVE-2025-6498
A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...
EulerOS 2.0 SP11 : vim (EulerOS-SA-2024-2570)
According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to...
Vim double free in src/alloc.c:616
...
CVE-2024-41957
Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points...
CVE-2024-41957 Vim double free in src/alloc.c:616
Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points...
CVE-2024-41957 Vim double free in src/alloc.c:616
Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points...
CVE-2024-41957 Vim double free in src/alloc.c:616
Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points...
CVE-2024-41957
Vulnerability CVE-2024-41957 affects Vim before 9.1.0647, where a double-free/Use-After-Free could occur during window close if a quickfix list references the same tagstack data. The issue is described as low impact in the public note, requiring non-default flags to be effective, and it has been ...
CVE-2023-31654
Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c...
Amazon Linux 2023 : vim-common, vim-data, vim-default-editor (ALAS2023-2023-431)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-431 advisory. Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function gagrowinner in in the file src/alloc.c at line 748, which is freed in the file...
Vim 资源管理错误漏洞
Vim is a cross-platform text editor. Vim suffers from a memory misreference vulnerability that originates from a messed up instruction in the function gagrowinner in file src/alloc.c that is responsible for freeing memory. An attacker can exploit the vulnerability which may lead to program crash,...
SUSE-SU-2022:4631-1 Security update for vim
This update for vim fixes the following issues: Updated to version 9.0.1040: - CVE-2022-3491: vim: Heap-based Buffer Overflow prior to 9.0.0742 bsc1206028. - CVE-2022-3520: vim: Heap-based Buffer Overflow bsc1206071. - CVE-2022-3591: vim: Use After Free bsc1206072. - CVE-2022-4292: vim: Use After...