979 matches found
Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2025:03127-1 Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: - CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347...
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
Class Pollution
Overview deepdiff is a Deep Difference and Search of any Python object/data. Recreate objects by adding adding deltas to each other. Affected versions of this package are vulnerable to Class Pollution via the Delta constructor and manipulation of the SAFETOIMPORT set. An attacker can execute...
Flight 安全漏洞
Flight is a PHP microframework by Mike Cao's personal developer. A security vulnerability exists in versions prior to Flight v1.2, which stems from eager loading of the request body in the constructor of the Request class, which could lead to a denial-of-service attack...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
ffmpeg 安全漏洞
ffmpeg is a rust library by meh.individual developer. A security vulnerability exists in ffmpeg version 0.3.0, which stems from the input constructor not checking the avioalloccontext return value, which could lead to null pointer dereference and denial of service...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
ffmpeg 安全漏洞
ffmpeg is a rust library by meh.individual developer. A security vulnerability exists in ffmpeg version 0.3.0, which stems from an integer overflow in the Vector::new constructor, which could lead to null pointer dereference and denial of service...
CVE-2025-57613
The CVE-2025-57613 entry concerns rust-ffmpeg 0.3.0 (post-commit 5ac0527). The root cause is a null pointer dereference in the input() constructor: if avio_alloc_context() returns NULL, the value is stored and later dereferenced by the Io struct’s Drop implementation, enabling denial of service. ...
PT-2025-35577
Name of the Vulnerable Software and Affected Versions: rust-ffmpeg version 0.3.0 Description: A null pointer dereference issue exists in the input constructor function. This can lead to a denial of service when the avio alloc context call fails and returns NULL, which is subsequently dereferenced...
CGM CLININET Code Injection Vulnerability (CNVD-2025-19812)
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a code injection vulnerability that stems from the RunCommand function failing to properly filter the special elements of the constructor code segment. An attacker can exploit this vulnerability t...
Linux Distros Unpatched Vulnerability : CVE-2022-1471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can...