AZL-79313 CVE-2026-27601 affecting package boost 1.83.0-2

Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...

MiracleLinux 3 : boost-1.33.1-15.AXS3 (AXSA:2012-260:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-260:01 advisory. Boost provides free peer-reviewed portable C++ source libraries. The emphasis is on libraries which work well with the C++ Standard Library, in the...

EUVD-2023-38477

Malicious code in bioql PyPI...

CVE-2023-34399

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow...

CVE-2023-34398

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference...

CVE-2023-34398

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference...

CVE-2023-34399

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow...

CVE-2023-34398

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference...

CVE-2023-34398

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference...

CVE-2023-34399

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow...

CVE-2023-34398

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference...

CVE-2023-34398

Mercedes-Benz NTG6 head unit vulnerable due to a Boost library null pointer dereference in serialized archive handling during USB import/export of user profile settings. Affected component is the USB-based data import/export workflow within the head unit (MBUX architecture) where data keys map to...

CVE-2023-34399

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The version of boost library contains vulnerability integer overflow...

CVE-2023-34399

Summary of CVE-2023-34399 (Mercedes-Benz NTG6) : The Mercedes-Benz head-unit NTG6 processes USB-import/export of user profile settings. Several values are stored as serialized Boost archives; a vulnerability in Boost (integer overflow) within that serialization chain is identified. The CVSSv3.1 b...

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system allows a intruder to trigger a service failure.

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system is related to integer overflow when processing values of cid. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system, related to the manipulation of the zero pointer, allows a intruder to compromise the accessibility of protected information.

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system is related to a pointer assignment error. Exploiting this vulnerability could allow an attacker to compromise the accessibility of the protected information...

PT-2025-1231 · Mercedes Benz · Mercedes-Benz Head-Unit Ntg6

Name of the Vulnerable Software and Affected Versions: Mercedes-Benz head-unit NTG6 affected versions not specified Description: The issue is related to the import or export of profile settings over USB in the Mercedes-Benz head-unit NTG6. Some values are serialized using the boost library, which...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager (April 2024)

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: IBM® Db2® is affected by a vulnerability in an open source library boost (CVE-2012-2677)

Summary IBM® Db2® is affected by a vulnerability in an open source library boost. Vulnerability Details CVEID:CVE-2012-2677 DESCRIPTION: Boost is vulnerable to a buffer overflow, caused by improper bounds checking by the orderedmalloc function. By persuading a victim to open a specially-crafted...

Pichi Trust Management Issues Vulnerabilities

Pichi is a rule-based proxy software. A security vulnerability in the boost ASIO wrapper in the net/asio.cpp file in versions prior to Pichi 1.3.0 stems from the program's failure to check for TLS hostnames. No details of the vulnerability are provided at this time...