26 matches found
EUVD-2026-38231
MISP allowed an authenticated site administrator to set the Kafka_rdkafka_config setting to an arbitrary filesystem path. MISP subsequently parsed the referenced INI file and passed its options to rdkafka. A crafted attacker-controlled configuration file could use rdkafka options such as...
PT-2026-51311
Name of the Vulnerable Software and Affected Versions: MISP (affected versions not specified). Description: An authenticated site administrator can set the Kafka rdkafka config setting to an arbitrary filesystem path. The system parses the referenced INI file and passes its options to rdkafka. By usin...
EulerOS Virtualization 2.10.1 : autogen (EulerOS-SA-2026-2014)
According to the versions of the autogen package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The...
CVE-2025-62609
MLX (on Apple silicon) prior to version 0.29.4 is affected by a wild pointer dereference in mlx::core::load_gguf() when loading malicious GGUF files, dereferencing an untrusted pointer from gguflib without validation and causing a crash. The issue stems from loading external GGUF data and manifes...
CVE-2025-62609 MLX has Wild Pointer Dereference in load_gguf()
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::load_gguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...
MLX has Wild Pointer Dereference in load_gguf()
Summary: Segmentation fault in mlx::core::load_gguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. Environment: OS: Ubuntu 20.04.6 LTS; Compiler: Clang 19.1.7. Vulnerability Location: mlx/io/gguf.cp...
EUVD-2025-24045
Malicious code in bioql PyPI...
EUVD-2021-7861
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-14553
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call...
CVE-2025-8746
A buffer overflow flaw was found in libopts. The __strstr_sse2 function is susceptible to memory corruption due to manipulation of internal data structures. A local attacker can trigger this vulnerability. Exploitation occurs through crafted input, potentially leading to a denial of service...
CVE-2025-8746
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue w...
CVE-2025-8746 GNU libopts __strstr_sse2 memory corruption
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue w...
CVE-2025-8746
CVE-2025-8746 concerns GNU libopts up to 27.6, where the __strstr_sse2 function can cause memory corruption with local access. The description notes the bug is in libopts (an external library) and affects products still linked to vulnerable libopts; exploitation has been disclosed. Connected OSV/...
CVE-2024-32860
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...
CVE-2023-50292 Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...
The vulnerability of the application software interface of the JumpServer system for auditing security operations and maintenance allows a perpetrator to bypass passwords.
The vulnerability of the application software interface of the JumpServer security audit system for operation and maintenance involves insufficient protection of operational data during the loading of external libraries. Exploiting this vulnerability allows a malicious actor to remotely reset...
Information Exposure
Overview: Affected versions of this package are vulnerable to Information Exposure due to using an external library which, by default, allows filtering on all data attributes and associations. This allows an unauthenticated remote attacker to exfiltrate non-public data from the underlying database...
Sketch Code Issue Vulnerability
Sketch is a vector graphics editor for macOS from the Dutch company Sketch. Its main use is for user interface and user experience design for websites and mobile applications; Sketch has features for prototyping and collaboration. Sketch suffers from a security vulnerability that stems from...
gd: NULL pointer dereference in gdImageClone
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd not bundled...
CVE-2018-14553
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd not bundled...