AgentScope Security Vulnerability
AgentScope is an open-source application developed by ModelScope. It facilitates the simpler development of multi-agent applications based on LLMs. Versions of AgentScope prior to 1.0.18 contained a security vulnerability, which was caused by incorrect operations on the function getbytesfromwebur...
CLSA-2025-1742391294 binutils: Fix of CVE-2025-0840
CVE-2025-0840: fix stack-based buffer overflow in disassemble_bytes function...
User with ADDEXTENSIONS and CHANGEEXTENSIONS will remove extension unintentionally
Lines of code / Vulnerability details / Summary: Adding an extension uses a 4-byte function selector to add the new extension, and if a user with the ADDEXTENSIONS permission also has the CHANGEEXTENSIONS permission and wants to add a new extension and there is an extension with that function selector, extension will be...
GPAC MP4Box Buffer Error Vulnerability
GPAC MP4Box is multimedia packager. It is mainly used to work with ISOBMF files e.g. MP4, 3GP but can also be used to import/export media from container files such as AVI, MPG, MKV, MPEG-2 TS. A security vulnerability exists in GPAC MP4Box version 2.1-DEV-rev649-ga8f438d20, which stems from a...
PYSEC-2022-197
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Versions of vyper prior to 0.3.2 suffer from a potential buffer overrun. Importing a function from a JSON interface which returns bytes generates bytecode which does not clamp bytes length, potentially resulting in a...
Deserializing an array can drop uninitialized memory on panic
The read_bytes_default_le function for [T; n] arrays, used to deserialize arrays of T from bytes, created a [T; n] array with std::mem::uninitialized and then called T's deserialization method. If T's deserialization method panicked, the uninitialized memory could drop invalid objects. This flaw was...
The vulnerability of the ssl3_read_bytes function (record/rec_layer_s3.c) in the OpenSSL library, which allows a hacker to cause a service failure.
The vulnerability of the ssl3_read_bytes function in the record/rec_layer_s3.c file of the OpenSSL library exists due to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
DEBIAN-CVE-2016-0777
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key...
MGASA-2014-0144 Updated stunnel package fixes security vulnerability
A flaw was found in the way stunnel, a socket wrapper which can provide SSL support to ordinary applications, performed reinitialization of PRNG after fork. When accepting a new connection, the server forks and the child process handles the request. The RAND_bytes function of OpenSSL doesn't reset...