CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

EUVD-2026-27115

Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number...

Astra Linux - уязвимость в firefox, thunderbird

A problem with lowering/register allocation could lead to obscure but deterministic register confusion failures in JITted code, which could result in a potentially exploitable crash. This vulnerability affects Firefox 91 and Thunderbird 91...

ALPINE-CVE-2026-21712

A flaw in Node.js URL processing causes an assertion failure in native code when url.format is called with a malformed internationalized domain name IDN containing invalid characters, crashing the Node.js process...

CVE-2026-21712

CVE-2026-21712 affects the Node.js package nodejs24 for versions less than 24.14.1-1 . The issue is a flaw in Node.js URL processing that triggers an assertion failure in native code when url.format() is called with a malformed internationalized domain name (IDN) containing invalid characters, cr...

CVE-2021-41200

TensorFlow is an open source platform for machine learning. In affected versions if tf.summary.createfilewriter is called with non-scalar arguments code crashes due to a CHECK-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow...

EUVD-2019-13206

Malware in sbrugna...

EUVD-2022-2933

Malicious code in bioql PyPI...

CVE-2025-38117

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect mgmtpending list with its own lock This uses a mutex to protect from concurrent access of mgmtpending list which can cause crashes like: ==================================================================...

CVE-2021-29981

An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. This vulnerability affects Firefox 91 and Thunderbird 91...

CVE-2024-58013 Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmtremoveadvmonitorsync This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in...

Hoppscotch 安全漏洞

Hoppscotch is an open source Api development ecosystem. A security vulnerability exists in Hoppscotch versions prior to 0.8.0. An attacker exploited the vulnerability to cause the code to crash...

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing. Remediation Upgrade Microsoft.NETCore.App.Runtime.osx-arm64 to version...

UBUNTU-CVE-2022-43241

Libde265 v1.0.8 was discovered to contain an unknown crash via ffhevcputhevcqpelv38sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-21144 Denial of Service (DoS)

This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash...

CVE-2022-21144

Summary: CVE-2022-21144 affects all versions of the libxmljs package. The issue occurs when libxmljs.parseXml is called with a non-buffer argument, causing the V8 engine to invoke the argument’s toString method; if toString is not a Function, V8 will crash, leading to a potential denial of servic...

Security update for ImageMagick (moderate)

openSUSE Security Update: Security update for ImageMagick Announcement ID: openSUSE-SU-2021:0136-1 Rating: moderate References: 1179103 1179202 1179208 1179212 1179221 1179223 1179240 1179244 1179260 1179268 1179269 1179276 1179278 1179281 1179285 1179311 1179312 1179313 1179315 1179317 1179321...

NetworkSleuth 3.0.0.0 - Key Denial of Service Exploit

Exploit Title: NetworkSleuth 3.0.0.0 - 'Key' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: www.nsauditor.com Software Link : http://www.nsauditor.com/downloads/networksleuthsetup.exe Tested Version: 3.0.0.0 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows...

Internet Bug Bounty: crash in locale_get_keywords() when keyword value in locale string too long

https://bugs.php.net/bug.php?id=73376...