982 matches found
SUSE-SU-2025:03285-1 Security update for mybatis, ognl
This update for mybatis, ognl fixes the following issues: Version update to 3.5.7: Bug fixes: + Improved performance under JDK 8. 2223 Version update to 3.5.8: List of changes: + Avoid NullPointerException when mapping an empty string to java.lang.Character. 2368 + Fixed an incorrect argument whe...
CVE-2023-53337
In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, markbufferdirty called from nilfssegctordoconstruct outputs a warning with some patterns after nilfs2 detects metadata corruption and...
PT-2025-39075
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.0.6 Description Flowise is a drag-and-drop user interface for building customized large language model flows. A critical issue exists in the CustomMCP node, which allows users to input configuration settings for...
Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2025:03127-1 Security update for python-deepdiff
This update for python-deepdiff fixes the following issues: - CVE-2025-58367: class pollution via the Delta class constructor can lead to denial-of-service and remote code execution bsc1249347...
drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor().
...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
Class Pollution
Overview deepdiff is a Deep Difference and Search of any Python object/data. Recreate objects by adding adding deltas to each other. Affected versions of this package are vulnerable to Class Pollution via the Delta constructor and manipulation of the SAFETOIMPORT set. An attacker can execute...
Flight 安全漏洞
Flight is a PHP microframework by Mike Cao's personal developer. A security vulnerability exists in versions prior to Flight v1.2, which stems from eager loading of the request body in the constructor of the Request class, which could lead to a denial-of-service attack...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
CVE-2025-57613
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...
ffmpeg 安全漏洞
ffmpeg is a rust library by meh.individual developer. A security vulnerability exists in ffmpeg version 0.3.0, which stems from the input constructor not checking the avioalloccontext return value, which could lead to null pointer dereference and denial of service...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57615
An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 An integer overflow vulnerability in the Vector::new constructor function allows an attacker to cause a denial of service via a null pointer dereference. The vulnerability stems from an unchecked cast of a usize parameter to cint,...
CVE-2025-57613
The CVE-2025-57613 entry concerns rust-ffmpeg 0.3.0 (post-commit 5ac0527). The root cause is a null pointer dereference in the input() constructor: if avio_alloc_context() returns NULL, the value is stored and later dereferenced by the Io struct’s Drop implementation, enabling denial of service. ...
ffmpeg 安全漏洞
ffmpeg is a rust library by meh.individual developer. A security vulnerability exists in ffmpeg version 0.3.0, which stems from an integer overflow in the Vector::new constructor, which could lead to null pointer dereference and denial of service...