MAL-2026-2377 Malicious code in no-function-declare-after-return (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40f5de9e9b3e66259de31f34cf47ef3b38b8fefc1e80d860c6dab7cade495bca The package no-function-declare-after-return was found to contain malicious code...

Malicious code in no-function-declare-after-return (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40f5de9e9b3e66259de31f34cf47ef3b38b8fefc1e80d860c6dab7cade495bca The package no-function-declare-after-return was found to contain malicious code...

CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

UBUNTU-CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC suffers from a heap buffer overflow vulnerability that stems from the ghidmxdeclareopidbin function failing to properly validate the length size of the input data, which can be exploited by an attacker to cause a denial of service...

CVE-2025-70302

GPAC vulnerability CVE-2025-70302: A heap overflow in the ghi_dmx_declare_opid_bin() function of GPAC v2.4.0 can be triggered by crafted input to cause a Denial of Service. The issue is rooted in improper handling/validation of the input length, leading to heap-based memory corruption. Multiple c...

CVE-2025-70302

A heap overflow in the ghidmxdeclareopidbin function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted input...

Linux Distros Unpatched Vulnerability : CVE-2017-6441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The zvalgetlongfuncex in Zend/zendoperators.c in PHP 7.1.2 allows attackers to cause a denial of service NULL pointer dereference and application crash via...

SUSE CVE-2025-29072

An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop and high CPU usage by submitting a malicious Declare v2/v3 transaction. This results in a...

PT-2025-13278 · Unknown · Nethermind +1

Name of the Vulnerable Software and Affected Versions: Nethermind Juno versions prior to 0.12.5 Description: The issue is caused by an integer overflow within the Sierra bytecode decompression logic in the "cairo-lang-starknet-classes" library. This allows remote attackers to trigger an infinite...

PT-2024-40974 · Crates.Io · Xous

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned, so the information cannot be determined. Description: The issue concerns the as slice and as slice mut functions, which are considered unsound. This is because any pointer, regardless of its bit...

systemd security update

239-82.0.1 - Fixed deletion issue for symlink when device is opened Orabug: 36228608 - Fix local-fs and remote-fs targets during system boot replaces old Orabug: 25897792 Orabug: 35871376 - 1A Add 'systemd-fstab-generator-reload-targets.service' file Orabug: 35871376 - 1B Add required rpms for...

Snap One OvrC Cloud 输入验证错误漏洞

Snap One OvrC is a free cloud-based remote management and monitoring platform from Snap One USA. Snap One OvrC Cloud suffers from an input validation error vulnerability where an attacker could impersonate a hub and send a device request to declare a declared device...

SUSE CVE-2007-6019

Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly...

SUSE CVE-2017-6441

The zvalgetlongfuncex in Zend/zendoperators.c in PHP 7.1.2 allows attackers to cause a denial of service NULL pointer dereference and application crash via crafted use of "declareticks=" in a PHP script. NOTE: the vendor disputes the classification of this as a vulnerability, stating "Please do n...

DEBIAN-CVE-2022-47094

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmxm2ts.c:343 in m2tsdmxdeclarepid...

DEBIAN-CVE-2022-47093

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmxm2ts.c:470 in m2tsdmxdeclarepid...

UBUNTU-CVE-2022-47093

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to heap use-after-free via filters/dmxm2ts.c:470 in m2tsdmxdeclarepid...

UBUNTU-CVE-2022-47094

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmxm2ts.c:343 in m2tsdmxdeclarepid...