316 matches found
[SECURITY] Fedora 44 Update: sip6-6.15.3-1.fc44
SIP is a collection of tools that makes it very easy to create Python bindings for C and C++ libraries. It was originally developed in 1998 to create PyQt, the Python bindings for the Qt toolkit, but can be used to create bindings for any C or C++ library. For example it is also used to generate...
[SECURITY] Fedora 44 Update: mupdf-1.27.1-10.fc44
MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...
[SECURITY] Fedora 44 Update: mbedtls-3.6.6-1.fc44
Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their embedded applications with as little hassle as possible...
Mojic 安全漏洞
Mojic is a C-language code obfuscation tool developed by Amit Dutta. Versions of Mojic prior to 2.1.4 contained security vulnerabilities. These vulnerabilities stemmed from the use of the standard equality operator by CipherEngine to verify HMAC-SHA256 integrity checks, which could allow attacker...
Joern 4.0.527
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Joern 4.0.525
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Joern 4.0.524
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
InduGuard_vul_poc
ICS Vulnerability PoC Library — SCAA Benchmark Support Proof-...
[SECURITY] Fedora 43 Update: stb-0^20260313git904aa67-2.fc43
Single-file public domain libraries for C/C++...
UBUNTU-CVE-2026-40170
ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...
CVE-2026-6231
The CVE-2026-6231 issue affects the MongoDB C Driver. The root cause is that the bson_validate function may return early on certain inputs and incorrectly report success, allowing malformed or invalid UTF-8 sequences to bypass validation and be processed incorrectly. Affected products/versions ex...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability, which stems from incomplete mitigation measures for CVE-2026-4519, potentially leading to command injection attacks...
UBUNTU-CVE-2026-35201
Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...
CVE-2026-35201
Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...
aiohttp 注入漏洞
aiohttp is an open-source framework developed by aio-libs, used for asynchronous HTTP client/server interactions with asyncio and Python. Prior to version 3.13.4 of AIOHTTP, there was an injection vulnerability; this vulnerability stemmed from the C parser allowing empty bytes and control...
[SECURITY] Fedora 44 Update: libsoup3-3.6.6-6.fc44
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...
[SECURITY] Fedora 43 Update: libopenmpt-0.8.6-1.fc43
libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...
LiteIDE 安全漏洞
LiteIDE X is a Go language code development tool developed by Seven Leaf individuals. Previous versions of LiteIDE X, such as 38.4, contained security vulnerabilities. These vulnerabilities were caused by inconsistent interpretation of HTTP requests, which could lead to issues with the http...
CVE-2026-32875
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.10 through 5.11.0 are vulnerable to buffer overflow or infinite loop through large indent handling. ujson.dumps crashes the Python interpreter segmentation fault when the product of the indent...
[SECURITY] Fedora 44 Update: kiss-fft-131.2.0-1.fc44
KISS FFT - A mixed-radix Fast Fourier Transform based on the principle, "Keep It Simple, Stupid." There are many great fft libraries already around. Kiss FFT is not trying to be better than any of them. It only attempts to be a reasonably efficient, moderately useful FFT that can use fixed or...