Lucene search
K

3636 matches found

Apple
Apple
added 2025/05/12 12:0 a.m.32 views

About the security content of tvOS 18.5

About the security content of tvOS 18.5 This document describes the security content of tvOS 18.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

8.8CVSS7.5AI score0.01186EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/05/10 12:0 a.m.3 views

GNU PSPP 安全漏洞

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a heap buffer overflow vulnerability. The vulnerability stems from the failure of the inflateread function called indirectly by spvreadxmlmember in zip-reader.c to properly...

9.8CVSS7.1AI score0.00258EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2025/05/07 3:26 p.m.24 views

scanner has a Public API without sufficient bounds checking

Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...

7.1AI score
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/07 3:26 p.m.4 views

GHSA-79M9-55JC-P6MW scanner has a Public API without sufficient bounds checking

Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...

6.9CVSS7.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/06 12:0 a.m.4 views

PT-2025-19849 · Qualcomm · Snapdragon +13

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption caused by improper bounds checking during command handling in a camera kernel driver. This can lead to unspecified consequences. Recommendations: At...

7.8CVSS6.3AI score0.00094EPSS
Exploits0References3
NVD
NVD
added 2025/05/01 3:15 p.m.7 views

CVE-2022-49766

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...

5.5CVSS0.0014EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/05/01 2:9 p.m.5 views

CVE-2022-49766

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...

5.5CVSS5.4AI score0.0014EPSS
Exploits0
Cvelist
Cvelist
added 2025/05/01 2:9 p.m.15 views

CVE-2022-49766 netlink: Bounds-check struct nlmsgerr creation

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFYSOURCE doing bounds-check on memcpy, switch from nlmsgput to nlmsgput, and explain the bounds check for dealing with the memcpy across a composite flexible...

0.0014EPSS
Exploits0References2
OSV
OSV
added 2025/04/30 5:41 p.m.4 views

GHSA-927Q-G9W9-PM54 Panic in mp3-metadata due to the lack of bounds checking

The getid3 methods used by mp3metadata::readfromslice does not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in Fix index error, released as part of 0.4.0...

6.9CVSS7.1AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/04/30 5:41 p.m.11 views

Panic in mp3-metadata due to the lack of bounds checking

The getid3 methods used by mp3metadata::readfromslice does not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in Fix index error, released as part of 0.4.0...

7.1AI score
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.3 views

PT-2025-19406 · Crates.Io · Mp3-Metadata

The get id3 methods used by mp3 metadata::read from slice does not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in Fix index error, released as part of 0.4.0...

6.9CVSS7.2AI score
Exploits0References5
OSV
OSV
added 2025/04/28 12:0 p.m.6 views

RUSTSEC-2025-0027 Panic in mp3-metadata due to the lack of bounds checking

The getid3 methods used by mp3metadata::readfromslice does not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in Fix index error, released as part of 0.4.0...

7.1AI score
Exploits0References3
RustSec
RustSec
added 2025/04/28 12:0 p.m.12 views

Panic in mp3-metadata due to the lack of bounds checking

The getid3 methods used by mp3metadata::readfromslice does not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in Fix index error, released as part of 0.4.0...

7.1AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/28 12:0 a.m.4 views

PT-2025-19692 · Crates.Io · Mp3-Metadata

The get id3 methods used by mp3 metadata::read from slice does not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in Fix index error, released as part of 0.4.0...

7.2AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/26 5:2 a.m.15 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware ...

9.8CVSS7.3AI score0.21255EPSS
Exploits5References1
OSV
OSV
added 2025/04/16 7:15 p.m.4 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a repor...

9.8CVSS5.9AI score0.21255EPSS
Exploits6References14
Vulnrichment
Vulnrichment
added 2025/04/16 6:24 p.m.17 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a repor...

7.1AI score0.21255EPSS
Exploits5References4
Cvelist
Cvelist
added 2025/04/16 6:24 p.m.71 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware ...

0.21255EPSS
Exploits5References5
CVE
CVE
added 2025/04/16 6:24 p.m.358 views

CVE-2025-31200

CVE-2025-31200 affects Apple’s CoreAudio, specifically the AudioConverterService AAC decoder, where a memory corruption issue can lead to code execution when processing a malicious audio stream. Affected products include iOS, iPadOS, macOS, and related OSes prior to the patch, with fixes implemen...

9.8CVSS7.3AI score0.21255EPSS
In wildExploits5References15Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/04/16 12:0 a.m.19 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a repor...

9.8CVSS6.8AI score0.21255EPSS
In wildExploits5References5
Rows per page
Query Builder