386 matches found
EUVD-2017-6743
Malware in sbrugna...
EUVD-2013-7041
Malware in sbrugna...
EUVD-2025-19806
Malicious code in bioql PyPI...
EUVD-2021-33344
Malicious code in bioql PyPI...
EUVD-2021-31329
Malicious code in bioql PyPI...
EUVD-2022-15447
Malicious code in bioql PyPI...
EUVD-2024-22476
Malicious code in bioql PyPI...
EUVD-2024-54028
Malicious code in bioql PyPI...
Pointer leaks through pointer-keyed data structures
Posted by Jann Horn, Google Project Zero Introduction Some time in 2024, during a Project Zero team discussion, we were talking about how remote ASLR leaks would be helpful or necessary for exploiting some types of memory corruption bugs, specifically in the context of Apple devices. Coming from...
colander
This is a Python library for deserialization and validation of data structures composed of strings, mappings, and lists. It is a package that can be used to serialize an arbitrary data structure to a data structure composed of strings, mappings, and lists, and to deserialize and validate a data...
[SECURITY] Fedora 42 Update: perl-Cpanel-JSON-XS-4.40-1.fc42
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C...
[SECURITY] Fedora 41 Update: perl-JSON-XS-4.04-1.fc41
This module converts Perl data structures to JSON and vice versa. Its primary goal is to be correct and its secondary goal is to be fast. To reach the latter goal it was written in C...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized request reference counting, which could lead to the use of uninitialized request data structur...
[SECURITY] Fedora 42 Update: glib2-2.84.4-1.fc42
GLib is the low-level core library that forms the basis for projects such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system...
com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError
A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur...
Balancing Privacy and Utility in Correlated Data: a Study of Bayesian Differential Privacy
Privacy risks in differentially private DP systems increase significantly when data is correlated, as standard DP metrics often underestimate the resulting privacy leakage, leaving sensitive information vulnerable. Given the ubiquity of dependencies in real-world databases, this oversight poses a...
The vulnerability of the Windows operating system’s task scheduler allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Windows operating system’s task scheduler is related to insufficient checks for the correctness of messages or data structures. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
Denial Of Service (DoS)
github.com/bep/imagemeta is vulnerable to Denial Of Service DoS. The vulnerability is due to untrusted input handling, which allows excessively large data structures to be defined in small payloads...
PT-2025-38568
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Bluetooth subsystem’s virtual HCI vhci component. A use-after-free condition can occur due to debugfs files such as force suspend and force...
bep/imagemeta allows excessively large EXIF data structures
Impact The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to construct denial-of-service attacks. Patches v0.10.0 added LimitNumTags default 5000 and LimitTagSize defau...