EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2025-1547)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved:ntb: intel: Fix the NULL vs ISERR bug for debugfscreatedir The...

Security Vulnerabilities fixed in Firefox ESR 115.23.1 — Mozilla

An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

GHSA-WRH5-CMWX-Q2QR Ollama Server Vulnerable to Denial of Service (DoS) Attack

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index when downloading a model via the /api/pull endpoint. An attacker can cause the server to crash by customizing the manifest content and spoofing a service. Remediation Upgrade...

PYSEC-2025-145

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

CVE-2025-1975

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

PYSEC-2025-145

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

CVE-2025-1975 Improper Validation of Array Index in ollama/ollama

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

CVE-2025-1975

Ollama server (version 0.5.11) is affected by CVE-2025-1975. The root cause is improper validation of array index access when downloading a model via the /api/pull endpoint, allowing a malicious user to trigger a DoS and cause a server crash. The vulnerability is documented with CVSSv3 base score...

PT-2025-25828

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue was related to the debugfs summary output accessing uninitialized elements in the freq in and signal out arrays, causing...

Ollama 输入验证错误漏洞

Ollama is a large language model that can be started and run locally from the Ollama open source. An input validation error vulnerability exists in Ollama version 0.5.11, which stems from insufficient validation of array index access and could lead to a denial of service attack...

kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()

A potential array-index-out-of-bounds read flaw was found in the Linux kernel in ath9khtctxstatus. This issue may lead to a crash...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

The vulnerability of Qualcomm’s security microprogramming software, related to unvalidated array indexing, allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of Qualcomm’s security microprogramming software relates to unverified array indexing. Exploiting this vulnerability could allow attackers to influence the integrity, accessibility, and confidentiality of the protected information...

The vulnerability of embedded software developed by Qualcomm, related to unvalidated array indexing, allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to unverified array indexing. Exploiting this vulnerability can allow attackers to influence the integrity, accessibility, and confidentiality of the protected information...

The vulnerability of embedded software developed by Qualcomm, related to unvalidated array indexing, allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to unverified array indexing. Exploiting this vulnerability can allow attackers to influence the integrity, accessibility, and confidentiality of the protected information...

Alibaba Cloud Linux 3 : 0016: sqlite (ALINUX3-SA-2023:0016)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0016 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-35737: SQLite 1.0.12 through 3.39.x before...

The vulnerability of embedded software developed by Qualcomm, related to unvalidated array indexing, allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to unverified array indexing. Exploiting this vulnerability can allow attackers to influence the integrity, accessibility, and confidentiality of the protected information...

ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling

A flaw was found in Artifex Ghostscript's PDF XRef stream handling. This vulnerability allows a buffer overflow via crafted values in the W array of a PDF XRef stream...

ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling

A flaw was found in Artifex Ghostscript's PDF XRef stream handling. This vulnerability allows a buffer overflow via crafted values in the W array of a PDF XRef stream...