Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the American company Google. Google Android suffers from a security vulnerability that stems from a lack of permission checking, which could lead to local elevation of privileges...

ROS-20250904-09

Vulnerability in the IW44Image.cpp component of the library for viewing, creating, editing DjVu files DjVuLibre is related to errors of bounds checking when processing unreliable input data in method MMRDecoder::scanruns method. Exploitation of the vulnerability could allow an attacker acting...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient boundary checking, which could result in a 1-byte out-of-bounds read...

CVE-2025-57776

There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially...

CVE-2025-57774

There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted...

CVE-2025-57775 Heap-based Buffer Overflow when parsing a DSB file with Digilent DASYLab

There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The...

CVE-2025-9189

CVE-2025-9189 concerns Digilent DASYLab: an out-of-bounds write while parsing DSB files, caused by improper bounds checking, which can lead to arbitrary code execution. Affected: all DASYLab versions (per initial docs). Exploitation requires user to open a crafted DSB file; the vulnerability is l...

PT-2025-35596

Name of the Vulnerable Software and Affected Versions Digilent DASYLab affected versions not specified Description A flaw exists in Digilent DASYLab due to improper bounds checking when parsing a DSB file. This can lead to an out-of-bounds write, resulting in invalid data and potentially arbitrar...

PT-2025-35598

Name of the Vulnerable Software and Affected Versions DASYLab affected versions not specified Description DASYLab is susceptible to an out-of-bounds write due to insufficient bounds checking when parsing DSB files. This can lead to an invalid source address and potentially result in arbitrary cod...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android that stems from a lack of permission checking in the isInSignificantPlace function in multiple files, which could lead to the disclosure of local...

Digilent DASYLab 安全漏洞

Digilent DASYLab is a graphical data acquisition application development platform from Digilent. A security vulnerability exists in Digilent DASYLab that stems from improper boundary checking when parsing DSB files, which could lead to the execution of arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2025-48386

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to...

Cross-Site WebSocket Hijacking (CSWSH)

github.com/komari-monitor/komari, is vulnerable to Cross-Site WebSocket Hijacking CSWSH. The vulnerability is due to disabled origin checking, which allows an attacker to hijack authenticated user WebSocket connections...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from a lack of RSA key size checking, which could lead to a memory buffer overflow...

MediaTek Modem 缓冲区错误漏洞

MediaTek Modem is a 5G modem technology from MediaTek, a Chinese company. A buffer error vulnerability exists in MediaTek Modem that stems from incorrect boundary checking leading to out-of-bounds writes, which could lead to remote elevation of privilege...

CVE-2025-43284

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination...

CVE-2025-43255

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination...

CVE-2024-48908

lychee link checking action checks links in Markdown, HTML, and text files using lychee. Prior to version 2.0.2, there is a potential attack of arbitrary code injection vulnerability in lychee-setup of the composite action at action.yml. This issue has been patched in version 2.0.2...

Malicious code in ip-checking (npm)

The package ip-checking was found to contain malicious code...

MAL-2025-42013 Malicious code in ip-checking (npm)

The package ip-checking was found to contain malicious code...