CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

UBUNTU-CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43421

CVE-2025-43421 affects WebKitGTK/WebKit2GTK (webkitgtk2/webkitgtk4) and is caused by issues around processing maliciously crafted web content that can lead to an unexpected process crash due to memory handling/array allocation sinking. Multiple advisories confirm the flaw and reference fixes in W...

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

PT-2025-44928

Name of the Vulnerable Software and Affected Versions Automotive Software platform based on QNX affected versions not specified Description A memory corruption issue exists when triggering a subsystem crash with an out-of-range identifier. The issue involves improper validation of an array index...

PT-2025-44924

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description A memory corruption issue exists when processing audio streaming operations. The issue is due to improper validation of array index in audio processing. Recommendations At the moment, there is no information...

PT-2025-44857

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.1 iPadOS versions prior to 26.1 Safari versions prior to 26.1 visionOS versions prior to 26.1 Description The software contains an issue addressed by disabling array allocation sinking. Processing maliciously crafted w...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READONCE when accessing fgrapharray In ftracereturntohandler, a loop iterates over the fgrapharray elements, which are fgraphops. The loop checks if an element is a fgraphstub to prevent using a fgraphstub afterward...

Node.js: Timeout-based race conditions make Uint8Array/Buffer.alloc non-zerofilled

A flaw in Node.js's buffer allocation logic was discovered, where buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover data from previous operations under specific timing conditions...

UBUNTU-CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

Siemens SIMATIC Devices Improper Locking (CVE-2024-38598)

In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

CLSA-2025-1761577745 Fix CVE(s): CVE-2020-35342

SECURITY UPDATE: uninitialized-heap vulnerability in tic4xprintcond function - debian/patches/CVE-2020-35342.patch: Initialize all elements of the condtable array to fix uninitialized heap memory issue in tic4xprintcond function - CVE-2020-35342...

Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-43858)

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC Devices Improper Validation of Array Index (CVE-2024-35813)

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 mmc: core: Use mrq.sbc in close-ended ffu assigns previdata = idatasi - 1, but doesn't check that the iterator i is greater than zero. Let's fix this by adding...

Siemens SIMATIC Devices Improper Control of Resource Identifiers (CVE-2024-42265)

"In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for...

Siemens SIMATIC and SCALANCE Devices Improper Validation of Array Index (CVE-2025-21692)

net: sched: fix ets qdisc OOB Indexing This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503404; scriptversion"1.3";...