
7640 matches found

Vulnrichment
added 2025/05/12 9:42 p.m. | 6 views

CVE-2025-31209

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to disclosure of user information...

AI score: 5.7 | EPSS: 0.00654
Exploits: 0 | References: 8
Cvelist
added 2025/05/12 9:42 p.m. | 12 views

CVE-2025-31209

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. Parsing a file may lead to disclosure of user information...

EPSS: 0.00654
Exploits: 0 | References: 8
Apple
added 2025/05/12 12:0 a.m. | 32 views

About the security content of tvOS 18.5

About the security content of tvOS 18.5 This document describes the security content of tvOS 18.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.01106
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2025/05/10 12:0 a.m. | 3 views

GNU PSPP Security Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a heap buffer overflow vulnerability. The vulnerability stems from the failure of the inflateread function called indirectly by spvreadxmlmember in zip-reader.c to properly...

CVSS: 9.8 | AI score: 7.1 | EPSS: 0.00258
Exploits: 1 | References: 2
OSV
added 2025/05/09 6:30 p.m. | 16 views

GHSA-C86P-W88R-QVQR Duplicate Advisory: ring has some AES functions that may panic when overflow checking is enabled in

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4p46-pwfr-66x6. This link is maintained to preserve external references. Original Description A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC...

CVSS: 5.3 | AI score: 7.2 | EPSS: 0.00831
Exploits: 0 | References: 8
Github Security Blog
added 2025/05/09 6:30 p.m. | 24 views

Duplicate Advisory: ring has some AES functions that may panic when overflow checking is enabled in

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4p46-pwfr-66x6. This link is maintained to preserve external references. Original Description A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.00831
Exploits: 0 | References: 9 | Affected Software: 1
OSV
added 2025/05/09 4:15 p.m. | 9 views

CVE-2025-4432

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2^32 packets sent or received...

CVSS: 5.3 | AI score: 6.6 | EPSS: 0.00831
Exploits: 0 | References: 7
OSV
added 2025/05/09 4:15 p.m. | 6 views

UBUNTU-CVE-2025-4432

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2^32 packets sent or received...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00831
Exploits: 0 | References: 3
Vulnrichment
added 2025/05/09 4:6 p.m. | 4 views

CVE-2025-4432 Ring: some aes functions may panic when overflow checking is enabled in ring

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2^32 packets sent or received...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.00831
Exploits: 0 | References: 7
Debian CVE
added 2025/05/09 4:6 p.m. | 13 views

CVE-2025-4432

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2^32 packets sent or received...

CVSS: 5.3 | AI score: 6.9 | EPSS: 0.00831
Exploits: 0
CVE
added 2025/05/09 4:6 p.m. | 236 views

CVE-2025-4432

CVE-2025-4432 affects Rust’s Ring crate. A panic can be triggered when overflow checking is enabled; in QUIC, a specially crafted packet can induce this panic, likely ~1 in 2^32 packets. CVSS v3.1 base score 5.3 (Network, Low attack complexity, No privileges, No user interaction; Availability imp...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.00831
Exploits: 0 | References: 8
Cvelist
added 2025/05/09 4:6 p.m. | 37 views

CVE-2025-4432 Ring: some aes functions may panic when overflow checking is enabled in ring

A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2^32 packets sent or received...

CVSS: 5.3 | EPSS: 0.00831
Exploits: 0 | References: 8
CNNVD
added 2025/05/08 12:0 a.m. | 2 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient privilege checking, which could lead to a security risk...

CVSS: 5.5 | AI score: 7 | EPSS: 0.00165
Exploits: 0 | References: 3
OSV
added 2025/05/07 3:26 p.m. | 4 views

GHSA-79M9-55JC-P6MW scanner has a Public API without sufficient bounds checking

Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...

CVSS: 6.9 | AI score: 7.1
Exploits: 0 | References: 3
Github Security Blog
added 2025/05/07 3:26 p.m. | 22 views

scanner has a Public API without sufficient bounds checking

Match::get and Match::ptr lack sufficient bounds checks, leading to potential out of bounds reads...

AI score: 7.1
Exploits: 0 | References: 3 | Affected Software: 1
Positive Technologies
added 2025/05/06 12:0 a.m. | 4 views

PT-2025-19849 · Qualcomm · Snapdragon +13

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption caused by improper bounds checking during command handling in a camera kernel driver. This can lead to unspecified consequences. Recommendations: At...

CVSS: 7.8 | AI score: 6.3 | EPSS: 0.00094
Exploits: 0 | References: 3
CNNVD
added 2025/05/06 12:0 a.m. | 2 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from improper command processing boundary checking in the camera-kernel driver, which could lead to memory corruption...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.00094
Exploits: 0 | References: 1
CNNVD
added 2025/05/06 12:0 a.m. | 3 views

UNISOC Chipsets Security Vulnerability

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets, which stems from a lack of privilege checking and could lead to the disclosure of local information...

CVSS: 6.2 | AI score: 6.5 | EPSS: 0.00158
Exploits: 0 | References: 1
BDU FSTEC
added 2025/05/05 12:0 a.m. | 3 views

The vulnerability of the Packet Forwarding Engine (PFE) module in Junos OS routers of the MX series allows a hacker to cause a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in Junos OS routers of the MX series is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending specially crafted GRE packets...

CVSS: 7.8 | AI score: 5.5 | EPSS: 0.00341
Exploits: 0 | References: 2 | Affected Software: 1
RedhatCVE
added 2025/05/03 1:21 a.m. | 13 views

CVE-2025-32890

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVSS: 6.5 | AI score: 7.3 | EPSS: 0.00115
Exploits: 1 | References: 1