CVE-2026-1979
A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...
JLSEC-2025-105 FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_pa...
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer...
EUVD-2025-27932
Malicious code in bioql PyPI...
CVE-2025-38607
In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset (if a & b ...) as a jump in CFG computation. BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...
CVE-2025-38607 bpf: handle jset (if a & b ...) as a jump in CFG computation
In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset (if a & b ...) as a jump in CFG computation. BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...
CVE-2025-38607
CVE-2025-38607 relates to the Linux kernel BPF_JSET conditional jump; verifier.c:can_jump() could miscompute live registers and SCC during CFG analysis, potentially affecting correctness of analysis. The issue was resolved by handling jset jumps in CFG computation. Affected component: BPF/JSET ha...
CVE-2025-38607
In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset (if a & b ...) as a jump in CFG computation. BPF_JSET is a conditional jump and currently verifier.c:can_jump() does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...
Linux Distros Unpatched Vulnerability : CVE-2022-48303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of...
GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump
CBL Mariner 2.0 Security Update: tar (CVE-2022-48303)
The version of tar installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-48303 advisory. - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a...
GLSA-202402-12 : GNU Tar: Out of Bounds Read
The remote host is affected by the vulnerability described in GLSA-202402-12 GNU Tar: Out of Bounds Read - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrate...
NewStart CGSL MAIN 6.06 : tar Vulnerability (NS-SA-2023-0135)
The remote NewStart CGSL host, running version MAIN 6.06, has tar packages installed that are affected by a vulnerability: - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has no...
Ubuntu 18.04 LTS : WavPack vulnerability (USN-3960-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3960-1 advisory. It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service. Tenable has extracte...
Oracle Linux 8 : wavpack (ELSA-2020-1581)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1581 advisory. - CVE-2018-19841 - CVE-2019-1010317 - CVE-2019-1010315 - CVE-2019-11498 - CVE-2018-19840 Tenable has extracted the preceding description block directly...
EulerOS Virtualization 3.0.6.0 : tar (EulerOS-SA-2023-2507)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitati...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2023-2457)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.10.0 : tar (EulerOS-SA-2023-2482)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitati...
EulerOS Virtualization 2.10.1 : tar (EulerOS-SA-2023-2457)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitati...
EulerOS Virtualization 3.0.6.6 : tar (EulerOS-SA-2023-2440)
According to the versions of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitati...
EulerOS 2.0 SP5 : tar (EulerOS-SA-2023-2174)
According to the versions of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change th...