49 matches found
SUSE CVE-2026-42440
OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...
UBUNTU-CVE-2026-42440
OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...
CVE-2026-42440 Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader
OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...
Astra Linux - уязвимость в webkit2gtk
Several issues were addressed by disabling array allocation sinking. This issue has been fixed in Safari 26.1, iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, and visionOS 26.1. Processing maliciously crafted web content may result in an unexpected process crash...
JLSEC-2026-317
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FLarrmalloc in H5FL.c called from H5Ssetextentsimple in H5S.c...
Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.50.3. Security issues fixed: CVE-2025-13502: processing of maliciously crafted payloads by the GLib remote inspector server may lead to a UIProcess crash due to an out-of-bounds read and an integer underflow bsc1254208...
MGASA-2025-0325 Updated webkit2 packages fix security vulnerabilities
A website may be able to exfiltrate sensitive system information. Description: The issue was addressed through improved state checks - CVE-2025-13947. Processing maliciously crafted web content may lead to an unexpected process crash. Description: Multiple issues were addressed by disabling array...
SUSE CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43421
A flaw was found in WebKitGTK. Processing malicious web content can cause multiple issues in the JIT compiler and result in an unexpected process crash. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4...
DEBIAN-CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
UBUNTU-CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2025-43421
CVE-2025-43421 affects WebKitGTK/WebKit2GTK (webkitgtk2/webkitgtk4) and is caused by issues around processing maliciously crafted web content that can lead to an unexpected process crash due to memory handling/array allocation sinking. Multiple advisories confirm the flaw and reference fixes in W...
CVE-2025-43421
Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...
PT-2025-44857
Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.1 iPadOS versions prior to 26.1 Safari versions prior to 26.1 visionOS versions prior to 26.1 Description The software contains an issue addressed by disabling array allocation sinking. Processing maliciously crafted w...
EUVD-2023-1784
Malicious code in bioql PyPI...
CVE-2025-38407 riscv: cpu_ops_sbi: Use static array for boot_data
In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...