CVE-2025-43255

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination...

CVE-2025-43284

CVE-2025-43284 affects macOS where an out-of-bounds read was addressed by improved bounds checking. The issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, and macOS Sequoia 15.6. An app may be able to cause unexpected system termination. Attack vector is LOCAL with LOW privilegesRequire...

CVE-2025-43284

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination...

CVE-2025-43284

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to cause unexpected system termination...

CVE-2025-43255

CVE-2025-43255 concerns an out-of-bounds read in macOS components that was mitigated by improved bounds checking. The NVD/NIST entry states the issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, and macOS Ventura 13.7.7. The vulnerability could allow an app to cause an unexpected system t...

CVE-2025-43255

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination...

NAVER MYBOX Explorer for Windows 安全漏洞

NAVER MYBOX Explorer for Windows is a software for managing cloud storage from NAVER MYBOX Korea. A security vulnerability exists in NAVER MYBOX Explorer for Windows prior to version 3.0.8.133, which stems from improper privilege checking and could result in elevation of privileges to NT...

CVE-2024-48908 lychee-action vulnerable to arbitrary code injection in composite action

lychee link checking action checks links in Markdown, HTML, and text files using lychee. Prior to version 2.0.2, there is a potential attack of arbitrary code injection vulnerability in lychee-setup of the composite action at action.yml. This issue has been patched in version 2.0.2...

MAL-2025-41469 Malicious code in @twork-data-services/checking-account-option-statuses (npm)

--- -= Per source details. Do not edit below this line.=-...

PT-2025-37797

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26 Description An out-of-bounds read issue was addressed through improved bounds checking. This could allow an application to cause unexpected system termination. Recommendations Update to macOS Tahoe 26...

libbiosig Stack Buffer Overflow Vulnerability

libbiosig is BioSig Project open source an open source software library for biomedical signal processing . With biological signal analysis functions. A stack buffer overflow vulnerability exists in libbiosig, which is caused by incorrect boundary checking of the MFER parsing function. An attacker...

Delta Electronics COMMGR 安全漏洞

Delta Electronics COMMGR is a communication management software from Delta Electronics China. Delta Electronics COMMGR suffers from a command injection vulnerability due to improper boundary checking when creating specially designed .isp files, no details of the vulnerability are available at thi...

CVE-2011-10024

MJM Core Player likely now referred to as MJM Player 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute...

CVE-2011-10023

MJM QuickPlayer likely now referred to as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitra...

CVE-2011-10022

SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception...

OESA-2025-2071 microcode_ctl security update

Security Fixes: Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.CVE-2025-20053 Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR...

PT-2025-34103 · Undefined · Undefined

SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception...

AZL-73857 CVE-2025-38574 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptpxmit Commit aabc6596ffb3 "net: ppp: Add bound checking for skb data on pppsynctxmung" fixed pppsynctxmunge We need a similar fix in pptpxmit, otherwise we might read uninit data as reported ...

UBUNTU-CVE-2025-38574

In the Linux kernel, the following vulnerability has been resolved: pptp: ensure minimal skb length in pptpxmit Commit aabc6596ffb3 "net: ppp: Add bound checking for skb data on pppsynctxmung" fixed pppsynctxmunge We need a similar fix in pptpxmit, otherwise we might read uninit data as reported ...

Linux Distros Unpatched Vulnerability : CVE-2022-3786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain...