CVE-2024-56406

CVE-2024-56406 is a heap-based buffer overflow in Perl when transliterating non-ASCII bytes with the tr/// operator. Affected are Perl release branches 5.34, 5.36, 5.38 and 5.40, including development versions 5.33.1–5.41.10. IBM AIX advisory confirms impact on AIX 7.3 and VIOS 4.1 with vulnerabl...

Perl -- heap buffer overflow when transliterating non-ASCII bytes

9b29abf9-4ab0-4765-b253-1875cd9b441e reports: A heap buffer overflow vulnerability was discovered in Perl. When there are non-ASCII bytes in the left-hand-side of the tr operator, Sdotransinvmap can overflow the destination pointer d. $ perl -e '$ = "\xFF" x 1000000; tr/\xFF/\x100/;' Segmentation...

AZL-59740 CVE-2025-32414 affecting package libxml2 for versions less than 2.11.5-5

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

AZL-59722 CVE-2025-32414 affecting package libxml2 for versions less than 2.10.4-7

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

CVE-2025-2245 Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)

A server-side request forgery SSRF vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte %00...

CVE-2025-2245

CVE-2025-2245 describes an SSRF in Bitdefender GravityZone Update Server when in Relay Mode. The HTTP proxy on port 7074 uses a domain allowlist but fails to sanitize hostnames containing null-byte sequences (e.g., evil.com%00.bitdefender.com), allowing an attacker to bypass the allowlist and for...

CVE-2025-2245 Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)

A server-side request forgery SSRF vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte %00...

BIT-JOOMLA-2021-23128 [20210302] - Core - Potential Insecure FOFEncryptRandval

An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF FOFEncryptRandval used an potential insecure implemetation. That has now been replaced with a call to 'randombytes' and its backport that is shipped within randomcompat...

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

GHSA-PPH8-GCV7-4QJ5 PyO3 Risk of buffer overflow in `PyString::from_object`

PyString::fromobject took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exception...

PyO3 Risk of buffer overflow in `PyString::from_object`

PyString::fromobject took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exception...

UBUNTU-CVE-2025-29069

A heap buffer overflow vulnerability has been identified in the lcms2-2.16. The vulnerability exists in the UnrollChunkyBytes function in cmspack.c, which is responsible for handling color space transformations...

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

Stream HTTP wrapper truncates redirect location to 1024 bytes

...

Little CMS 安全漏洞

Little CMS lcms or liblcms is an open source color management system by the individual developer Marti Maria. The system provides black point compensation, handling of multiple pixel formats, profile editing, and other features. A security vulnerability exists in Little CMS version 2.16, which...

PT-2025-14373 · Crates.Io · Pyo3

PyString::from object took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exceptio...

CVE-2025-1861 Stream HTTP wrapper truncates redirect location to 1024 bytes

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

Security update for openvpn

This update for openvpn fixes the following issues: CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2025:1053-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147...

SUSE-SU-2025:20252-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2024-52530: strictly don't allow NUL bytes in headers bsc1233285 glgoGNOME/libsoup377. - CVE-2024-52532: websocket: Process the frame as soon as we read data bsc1233287 glgoGNOME/libsoup391. - CVE-2024-52531: be more robust against invalid...