NanoMQ 代码问题漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.8 have code vulnerabilities. These vulnerabilities stem from the quicstreamrecv function, which cancels references to empty substream pointers when the substream is reopened,...

CVE-2019-2241

While rendering the layout background, Error status check is not caught properly and also incorrect status handling is being done leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer...

EUVD-2013-5742

Malware in sbrugna...

EUVD-2006-5775

Malware in sbrugna...

EUVD-2021-7358

Malicious code in bioql PyPI...

CVE-2021-1894

Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...

CVE-2020-0100

In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of data from a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

ROS-20250210-01

A vulnerability in the spi component of the Linux kernel is related to incorrect error handling in the rockchipspisuspend and rockchipspiresume functions in drivers/spi/spi-rockchip.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A vulnerability in...

ROS-20250131-01

A vulnerability in the f2fs component of the Linux operating system kernel is related to improper error handling in the f2fsmarkinodedirtysync function in f2fs/inode.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the scsi component of...

Amazon Linux 2 : runfinch-finch (ALASDOCKER-2025-048)

The version of runfinch-finch installed on the remote host is prior to 1.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-048 advisory. An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its...

Medium: kernel

Issue Overview: Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allows Forced Integer Overflow. CVE-2024-23307 A malicious hypervisor can potentially break confidentiality and integrity of Linux SEV-SNP guests by injecting interrupts...

SUSE-SU-2021:0736-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping XSA-365 bsc1181843. - CVE-2021-26931: Fixed an issue where Linux kernel was treating...

SUSE-SU-2016:2460-1 Security update for php7

This update for php7 fixes the following security issues: CVE-2016-6128: Invalid color index not properly handled bsc987580 CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif bsc988032 CVE-2016-6292: Null pointer dereference in exifprocessusercomment...

SUSE-SU-2016:2408-1 Security update for php5

This update for php5 fixes the following security issues: CVE-2016-6128: Invalid color index not properly handled bsc987580 CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif bsc988032 CVE-2016-6292: Null pointer dereference in exifprocessusercomment...

SUSE-SU-2015:2326-1 Security update for xen

This update fixes the following security issues: - bsc956832 - CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list - bsc956592 - xen: virtual PMU is unsupported XSA-163 - bsc956408 - CVE-2015-8339, CVE-2015-8340: xen: XENMEMexchange error handling issues XSA-15...

CVE-2004-0797

The error handling in the 1 inflate and 2 inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service application crash...