CVE-2025-43205

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 11.4, tvOS 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass ASLR...

CVE-2025-43205

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 11.4, tvOS 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4. An app may be able to bypass ASLR...

CVE-2025-43205

CVE-2025-43205 describes an out-of-bounds access issue with improved bounds checking, fixed in watchOS 11.4, tvOS 18.4, visionOS 2.4, iOS 18.4 and iPadOS 18.4. The vulnerability may allow an attacker to bypass ASLR, with the Apple documentation indicating the issue affects Apple platforms and ver...

WordPress Contact Form 7 AWeber Extension plugin unauthorized data modification vulnerability

WordPress Contact Form 7 AWeber Extension plugin is an extension plugin designed for WordPress Contact Form 7 plugin for automatic synchronization of form data to AWeber email marketing platform. The WordPress Contact Form 7 AWeber Extension plugin suffers from an unauthorized data modification...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from insufficient input size checking, which could cause the kernel to crash...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990736)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990736 advisory. In the Linux kernel, the following vulnerability has been resolved: ntfs: fix use-after-free in ntfsattrfind Patch series ntfs: fix bugs about Attribute, v2. This...

Apache OpenOffice 安全漏洞

Apache OpenOffice is an open source office software suite from the American Apache Apache Foundation. A security vulnerability exists in Apache OpenOffice, which stems from improper authorization checking, and can be exploited by remote attackers to automatically load external files containing DD...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

kernel: cachestat: fix page cache statistics permission checking

In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...

kernel: net: ppp: Add bound checking for skb data on ppp_sync_txmung

An out-of-bounds read vulnerability exists in the pppsynctxmunge function in the Linux kernel's PPP subsystem. Insufficient bounds checking on incoming PPP packets may lead to a kernel crash if a packet with an empty or truncated payload is processed...

Malicious code in llmboost-hub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 644589899c04664f0638a5eb5d08755b21fddf2d0772259d0f8859a65586be3b This package executes an obfuscated payload embedded within a license-checking module...

MAL-2025-112503 Malicious code in llmboost-hub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 644589899c04664f0638a5eb5d08755b21fddf2d0772259d0f8859a65586be3b This package executes an obfuscated payload embedded within a license-checking module...

Intel QAT 代码问题漏洞

Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. A code issue vulnerability exists in Intel QAT Windows software that originates from an improper conditi...

ROS-20251111-10

Vulnerability of processsymtab function of eu-readelf component of ELF Elfutils binary modification and analysis utility is related to copying buffer without checking input data size. ELF Elfutils is related to buffer copying without checking input data size. Exploitation vulnerability could allo...

Important: docker

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

xorg: xmayland: Value overflow in XkbSetCompatMap()

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system...

ROS-20251106-05

The bfdselfparseehframe function of the GNU Binutils development tool has a vulnerability related to an operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in GNU Binutils software development to...

CVE-2025-43429

A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to improper bounds checking and result in an unexpected process crash. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages...