94 matches found
EUVD-2026-31772
Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perlstudychunk in regcompstudy.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a lar...
Compile-Time Security Analysis and Optimization of Sensitive String Producers
Content composition vulnerabilities remain among the most prevalent and persistent classes of security weakness in deployed software. Prior mitigations, including developer training, static analysis tools, and domain-specific template languages, each face diminishing returns; AI code generation...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
Moving beyond Strings in Spring Data
If you've worked with data access in Java and especially with Spring Data for a while, then you are familiar with various Query and Update programming models. You write data access code. You refactor a property name. You run your tests. They fail. Your query strings? Still pointing to the old...
Chasing Elusive Memory Bugs in GPU Programs
Memory safety bugs, such as out-of-bound accesses OOB in GPU programs, can compromise the security and reliability of GPU-accelerated software. We report the existence of input-dependent OOBs in the wild that manifest only under specific inputs. All existing tools to detect OOBs in GPU programs...
libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time
libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time...
SUSE CVE-2022-50778
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
EUVD-2022-55783
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
CVE-2022-50778
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
UBUNTU-CVE-2022-50778
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
CVE-2022-50778 fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
CVE-2022-50778 fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL
In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that compiletimestrlen may return the maximum possible size under UBSANBOUNDSLOCAL, which could lea...
CVE-2025-54471
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
CVE-2025-54471
NeuVector used a hard-coded cryptographic key embedded in the source code. At compilation time, the key value was replaced with the secret key value and used to encrypt sensitive configurations when NeuVector stores the data...
CVE-2025-54471
The CVE-2025-54471 entry concerns NeuVector where a hard-coded cryptographic key was embedded in the source and replaced at compile time, then used to encrypt sensitive configurations stored by NeuVector. Affected data and configurations could be exposed due to the improper key handling. The prov...
JLSEC-2025-59 libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time...
libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time...
EUVD-2024-44547
Malicious code in bioql PyPI...
EUVD-2024-44548
Malicious code in bioql PyPI...
EUVD-2025-31976
Malicious code in bioql PyPI...