Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...

uv allows ZIP payload obfuscation through parsing differentials

Impact In versions 0.9.5 and earlier of uv, ZIP archives were handled in a manner that enabled two parsing differentials against other components of the Python packaging ecosystem: 1. Central directory entries in a ZIP archive can contain comment fields. However, uv would assume that these fields...

GHSA-PQHF-P39G-3X64 uv allows ZIP payload obfuscation through parsing differentials

Impact In versions 0.9.5 and earlier of uv, ZIP archives were handled in a manner that enabled two parsing differentials against other components of the Python packaging ecosystem: 1. Central directory entries in a ZIP archive can contain comment fields. However, uv would assume that these fields...

EUVD-2025-34893

ImageMagick has Integer Overflow in BMP Decoder ReadBMP...

ImageMagick has Integer Overflow in BMP Decoder (ReadBMP)

Summary CVE-2025-57803 claims to be patched in ImageMagick 7.1.2-2, but the fix is incomplete and ineffective. The latest version 7.1.2-5 remains vulnerable to the same integer overflow attack. The patch added BMPOverflowCheck but placed it after the overflow occurs, making it useless. A maliciou...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35893)

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbmod: prevent kernel-infoleak syzbot found that tcfskbmoddump was copying four bytes from kernel stack to user space. The issue here is that 'struct tcskbmod' has a four bytes hole. We need to clear the structure...

CLSA-2025-1761323691 Fix CVE(s): CVE-2025-0840

SECURITY UPDATE: stack-based buffer overflow in disassemblebytes function - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow by restricting size of insnwidth buffer - CVE-2025-0840...

SUSE CVE-2022-50570

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

GHSA-RC54-2G2C-G36G OpenBao and Vault Leak []byte Fields in Audit Logs

Impact OpenBao's audit log did not appropriately redact fields when relevant subsystems sent byte response parameters rather than strings. This includes, but is not limited to: - sys/raw with use of encoding=base64, all data would be emitted unredacted to the audit log. - Transit, when performing...

GHSA-XCPM-76HF-C9CC Borrowck Scarifices exposes uninitialized memory in any_as_u8_slice

The safe function anyasu8slice can create byte slices that reference uninitialized memory when used with types containing padding bytes. The function uses slice::fromrawparts to create a &u8 covering the entire size of a type, including padding bytes. According to Rust's documentation, fromrawpar...

Borrowck Scarifices exposes uninitialized memory in any_as_u8_slice

The safe function anyasu8slice can create byte slices that reference uninitialized memory when used with types containing padding bytes. The function uses slice::fromrawparts to create a &u8 covering the entire size of a type, including padding bytes. According to Rust's documentation, fromrawpar...

CVE-2022-50570

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

UBUNTU-CVE-2022-50570

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

CVE-2022-50570 platform/chrome: fix memory corruption in ioctl

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

TencentOS Server 4: xorg-x11-server (TSSA-2025:0760)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0760 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

EUVD-2022-54711

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

RUSTSEC-2025-0107 Uninitialized memory exposure in any_as_u8_slice

The safe function anyasu8slice can create byte slices that reference uninitialized memory when used with types containing padding bytes. The function uses slice::fromrawparts to create a &u8 covering the entire size of a type, including padding bytes. According to Rust's documentation, fromrawpar...

Uninitialized memory exposure in any_as_u8_slice

The safe function anyasu8slice can create byte slices that reference uninitialized memory when used with types containing padding bytes. The function uses slice::fromrawparts to create a &u8 covering the entire size of a type, including padding bytes. According to Rust's documentation, fromrawpar...

JLSEC-2025-157 An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function gbytesnew has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption...