20 matches found
EUVD-2013-5648
Malware in sbrugna...
EUVD-2013-5732
Malware in sbrugna...
EUVD-2025-6512
Malicious code in bioql PyPI...
CVE-2025-48071
A heap-based buffer overflow flaw was found in OpenEXR. In affected versions, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep-scan-line EXR files with a maliciously forged chunk header. Mitigation: Mitigation for this issue is either not available...
CVE-2025-51480
A path traversal flaw was found in the ONNX machine learning library. This flaw allows an attacker to overwrite arbitrary files in the scope of the affected program using the library. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the R...
Quantum Blockchain Survey: Foundations, Trends, and Gaps
Quantum computing poses fundamental risks to classical blockchain systems by undermining widely used cryptographic primitives. In response, two major research directions have emerged: post-quantum blockchains, which integrate quantum-resistant algorithms, and quantum blockchains, which leverage...
CVE-2025-3264
A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library. This vulnerability may allow an attacker to induce a denial of service in the application using the Transformers library. Mitigation: Mitigation for this issue is either not availabl...
CVE-2025-6750
A flaw was found in hdf5. The H5Omtimenewencode function in src/H5Omtime.c contains a heap-based buffer overflow vulnerability that can be triggered by crafted input. A local attacker can exploit this condition by providing a specially constructed file. This manipulation may result in a denial of...
CVE-2025-49011
A flaw was found in SpiceDB where specific schemas, such as CheckPermission requests, may not execute as expected. This issue may result in an authorization bypass for specific data elements. Mitigation: Mitigation for this issue is either not available or the currently available options do not me...
CVE-2024-45700
Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading t...
CVE-2025-2754
A flaw was found in the Open Asset Import Library Assimp. The Assimp::AC3DImporter::ConvertObjectSection function of the code/AssetLib/AC/ACLoader.cpp file in the AC3D File Handler component is affected. This attack can be launched remotely, and manipulation of the argument can lead to a heap-bas...
Targets Booting Very Slowly - Windows Splash Seen for over 10 Minutes
New deployment targets taking over 10 minutes to boot. Background Target device gets to the Windows splash and then it takes over 15 minutes to load Windows. After Windows loads, there is no performance problem...
Deployment issues with chains not compatible with Shanghai hardfork
Lines of code Vulnerability details Impact Besides issues with deployment & maintenance contracts, a big issue is quoted below from an audit finding... "This could also become a problem if different versions of Solidity are used to compile contracts for different chains. The differences in byteco...
XenMobile Server - iOS Devices failing to deploy apps and policies - TOPIC MISMATCH Error
Devices are not getting the latest changes, and on the XMS Console we see the device information is not up to date (last login, OS version, App Inventory). In the logs we see entries like: TOPIC MISMATCH errors 2021-10-04T16:03:42.153-0600 | Basic XXXXXXXXX| WARN | http-nio-10443-exec-3752 |...
Citrix Endpoint Management (aka XenMobile Server) 10.13.0 Rolling Patch 2
Package name: xms10.13.0.10212.bin For: XenMobile Server 10.13.0 Deployment type: On-premises only Replaces: xms10.13.0.10129.bin Date: February, 2021 Languages supported: English US Readme version: 1.00 Readme Revision History Version| Date| Change Description ---|---|--- 1.00| February, 2021| Initia...
SUSE-SU-2020:3473-2 Security update for ceph
This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Added --container-init feature bsc1177319, bsc1163764 - Made journald as the logdriver again bsc1177933 - Fixes a condition check for copytree, copyfiles, and movefiles in...
RHEL 8 : Red Hat OpenShift Service Mesh 1.1 servicemesh-operator (RHSA-2020:2795)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2795 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Description of Update Rollup 1 for System Center 2012 R2 Virtual Machine Manager
Description of Update Rollup 1 for System Center 2012 R2 Virtual Machine Manager Summary This article contains a complete description of all changes in Update Rollup 1 for Microsoft System Center 2012 R2 Virtual Machine Manager. Important It is imperative that you review the installation...
CVE-2013-5787
CVE-2013-5787 is an Oracle Java SE vulnerability affecting Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier, with unspecified attack vectors via Deployment that could impact confidentiality, integrity, and availability. Public details in the Initial descri...
Oracle 9iAS SOAP components allow anonymous users to deploy applications by default
Overview Oracle Application Server 9iAS installs with Simple Object Access Protocol SOAP enabled by default and allows unauthenticated remote users to deploy and undeploy SOAP services and providers. Description Oracle Application Server 9iAS supports Simple Object Access Protocol SOAP, an...