21 matches found
Semantic Denial of Service in LLM-Controlled Robots
Safety-oriented instruction-following is supposed to keep LLM-controlled robots safe. We show it also creates an availability attack surface. By injecting short safety-plausible phrases 1-5 tokens into a robots audio channel, an adversary can trigger the models safety reasoning to halt or disrupt...
EUVD-2025-8643
Malicious code in bioql PyPI...
EUVD-2025-8632
Malicious code in bioql PyPI...
EUVD-2022-2875
Malicious code in bioql PyPI...
EUVD-2024-0839
Malicious code in bioql PyPI...
CVE-2025-46400
In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...
CVE-2025-46399
CVE-2025-46399 affects fig2dev (part of transfig) with a segmentation fault in genge_itp_spline, enabling local input-based disruption and potential denial of service. Related advisories confirm multiple vendors acknowledge the issue; Debian LTS reports a fix in fig2dev 1:3.2.8-3+deb11u3. Other e...
CVE-2025-31164
heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via createlinewithspline...
CVE-2025-31163 fig2dev segmentation fault
Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via putpatternarc function...
PT-2025-13563 · Xfig +4 · Xfig +4
Name of the Vulnerable Software and Affected Versions: xfig fig2dev version 3.2.9a Description: The issue is related to a segmentation fault in the fig2dev component of xfig, which can be triggered by manipulating local input via the put patternarc function. This can lead to a null pointer...
Linux Distros Unpatched Vulnerability : CVE-2024-28243
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using...
CVE-2024-28243
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
CVE-2024-28243
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
DEBIAN-CVE-2024-28243
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
CVE-2024-28243
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
CVE-2024-28243 KaTeX's maxExpand bypassed by \edef
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
CVE-2024-28243 KaTeX's maxExpand bypassed by \edef
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
CVE-2024-28243 KaTeX's maxExpand bypassed by \edef
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
CVE-2024-28243
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...
PT-2024-22358
Name of the Vulnerable Software and Affected Versions KaTeX versions prior to 0.16.10 Description KaTeX is a JavaScript library for TeX math rendering on the web. Users who render untrusted mathematical expressions could encounter malicious input using edef that causes a near-infinite loop, despi...