17 matches found
[SECURITY] Fedora 43 Update: mingw-expat-2.8.1-1.fc43
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
ISO-TP (ISO 15765-2) Support Library in C Buffer Error Vulnerability
ISO-TP ISO 15765-2 Support Library in C is an OpenXC Vehicle Platform open source ISO-TP protocol library that supports CAN bus long message transmission. A buffer error vulnerability exists in ISO-TP ISO 15765-2 Support Library in C. The vulnerability originates from an out-of-bounds read in the...
[SECURITY] Fedora 44 Update: libmicrohttpd-1.0.5-1.fc44
GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: C library: fast and small; API is simple, expressive and fully reentrant; Implementation is http 1.1...
libucl Security Vulnerability
Libucl is a C-language general configuration library parser developed by Vsevolod Stakhov. Libucl has a security vulnerability. This vulnerability arises from the ucl_object_emit function during parsing and emitting UCL inputs containing embedded null-byte keys, which may lead to a denial-of-servic...
CVE-2022-38138
The Triangle Microworks IEC 61850 Library Any client or server using the C language library with a version number of 11.2.0 or earlier and any client or server using the C++, C, or Java language library with a version number of 5.0.1 or earlier and 60870-6 ICCP/TASE.2 Library Any client or server...
GNU libopts Buffer Overflow Vulnerability
GNU libopts is a C language library for parsing command line options from the US GNU community. A buffer overflow vulnerability exists in GNU libopts version 27.6 and earlier, which stems from a boundary error in the function strstrsse2 when processing untrusted input. An attacker could exploit...
EulerOS 2.0 SP13 : glibc (EulerOS-SA-2025-1974)
According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...
Intel TinyCBOR Library Security Vulnerability
Intel TinyCBOR Library is a C language library from Intel Corporation USA. A security vulnerability exists in Intel TinyCBOR Library versions prior to 0.6.1, which stems from uncontrolled recursion and could lead to a denial of service...
CVE-2024-36405
CVE-2024-36405 affects the liboqs reference Kyber KEM implementation. A control-flow timing leak arises when the Kyber KEM is compiled with Clang 15–18 under certain options (including -Os and -O1), enabling a local attacker to measure decapsulation timings and recover the entire ML-KEM 512 secre...
JWT C Library Security Vulnerability
JWT C Library is an open-source JWT C library by Ben Collins. A security vulnerability exists in JWT C Library version 1.15.3, which stems from the use of strcmp to authenticate, resulting in an authentication bypass vulnerability...
Onion Security Vulnerability
Onion http server library is a C library by individual developer David Moreno Montero. It is used to create simple HTTP servers and web applications. A security vulnerability exists in Onion, which stems from an affected onion_response_flush function in the src/onion/response.c file in the...
GNU LibreDWG Stack Overflow Vulnerability
GNU LibreDWG is a C language library from the GNU community for working with DWG files. GNU LibreDWG is vulnerable to a stack overflow vulnerability, for which no details are currently available...
GNU LibreDWG Double Free Vulnerability (CNVD-2022-52258)
GNU LibreDWG is a C language library from the GNU community for working with DWG files. GNU LibreDWG suffers from a double free vulnerability, for which no details are currently available...
GNU LibreDWG Heap Buffer Overflow Vulnerability (CNVD-2022-52257)
GNU LibreDWG is a C language library from the GNU community for working with DWG files. GNU LibreDWG suffers from a heap buffer overflow vulnerability, for which no details are currently available...
libredwg Resource Management Error Vulnerability
GNU LibreDWG is a C language library from the GNU community for working with DWG files. GNU LibreDWG is vulnerable to a resource management error, and no details of the vulnerability are currently available...
GNU C Library Arbitrary Code Execution Vulnerability
The GNU C Library (a.k.a. glibc, libc6) is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in the stdlib/canonicalize.c file in GNU C Library version 2.27 and earlier. An attacker can exploit this vulnerability to execute arbitrary code...
GNU glibc 'swscanf' remote heap buffer overflow vulnerability
GNU glibc is an implementation of the C library for the Linux operating system. A remote heap buffer overflow vulnerability exists in GNU glibc 'swscanf', which can be exploited by an attacker to execute arbitrary code in the context of an affected application...