137 matches found
EUVD-2020-24957
Malware in sbrugna...
EUVD-2020-3579
Malware in sbrugna...
EUVD-2024-0293
Malicious code in bioql PyPI...
Argo CD Security Vulnerability
Argo CD is an Argo open source declarative GitOps continuous delivery tool for Kubernetes. A security vulnerability exists in Argo CD that stems from not checking the length of JSON arrays, which could lead to a denial-of-service attack. The following versions are affected: versions 2.9.0-rc1...
UBUNTU-CVE-2025-39719
In the Linux kernel, the following vulnerability has been resolved: iio: imu: bno055: fix OOB access of hwxlate array Fix a potential out-of-bounds array access of the hwxlate array in bno055.c. In bno055getregmask, hwxlate was iterated over the length of the vals array instead of the length of t...
CVE-2020-11225
Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2020-20178
Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account...
MAL-2025-3567 Malicious code in array-length-validator (npm)
Source: ghsa-malware 1eeb8fbe13dcffd2d78c2677d8add867f32dd32725416d8f2f71ff2df0ba6f62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CLSA-2025-1741033614 libvirt: Fix of CVE-2024-2494
CVE-2024-2494: check for negative array lengths before allocation in remotedaemondispatch...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an overly large array length parameter in ath12k, which could lead to out-of-bounds access...
PT-2025-8837
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory error issue has been identified in the Linux kernel, specifically in the wifi: ath12k component. The problem arises from the print array to buf index function being passed an...
UBUNTU-CVE-2024-46833
In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnlnum When query reg inf of SSU, it loops tnlnum times. However, tnlnum comes from hardware and the length of array is a fixed value. To void array out of bound, make sure the loop ti...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not ensuring that the number of loops does not exceed the length of an array...
Cesanta MJS Security Vulnerability
Cesanta MJS is an embedded JavaScript engine for C/C++ from Cesanta Ireland. Designed for microcontrollers with limited resources. The main design goals were a small footprint and simple C/C++ interoperability. A denial of service vulnerability exists in the Cesanta MJS mjsarraylength function,...
Ubuntu 14.04 LTS : X.Org X Server vulnerabilities (USN-6587-5)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6587-5 advisory. USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS. Tenable has extracted the precedin...
CVE-2024-21885 Xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remo...
Vyper Buffer Error Vulnerability
Vyper is the Pythonic smart contract language for EVM. A buffer error vulnerability exists in Vyper 0.3.10 and earlier versions, which stems from a possible overflow in the boundary check of the slice function, which can be exploited by an attacker to gain OOB access to storage, memory, or call...
CVE-2023-50711 `serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access
vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior to version 0.12.0, an issue in the FamStructWrapper::deserialize implementation provided by the crate for vmm_sys_util::fam::FamStructWrapper can lea...
Assertions and array length checks can be manipulated maliciously, causing issues.
Lines of code. Vulnerability details. Impact: There are some assertions and requirements on array lengths to prevent mismatched data. But assertions like require statements can potentially be used maliciously in some cases. These are a few ways a malicious user could try to exploit the asserts,...