110 matches found
CVE-2026-6686
FatFs R0.16 and earlier contains an uninitialized cluster exposure when flseek extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 Use of Uninitialized Resource. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.6, Medium. The...
EUVD-2026-40998
FatFs R0.16 and earlier contains an uninitialized cluster exposure when flseek extends files beyond EOF without zero-filling newly allocated clusters. This maps to CWE-908 Use of Uninitialized Resource. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 4.6, Medium. The...
CVE-2026-6686
FatFs CVE-2026-6686 affects FatFs R0.16 and earlier. The issue is an uninitialized cluster exposure when f_lseek() extends a file beyond EOF without zero-filling newly allocated clusters, mapping to CWE-908 (Use of Uninitialized Resource). The root cause is not zero-filling or initializing cluste...
PT-2026-54928
Name of the Vulnerable Software and Affected Versions FatFs versions R0.16 and earlier Description An uninitialized cluster exposure occurs when the f lseek function extends files beyond the end-of-file EOF without zero-filling newly allocated clusters. This issue is a Use of Uninitialized...
CVE-2026-44931 malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API
The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There are security vulnerabilities in the Linux kernel, stemming from defects in the sensor filling logic and floating-point conversion routines. These vulnerabilities m...
EUVD-2026-11645
Poseidon V1 variable-length input collision via implicit zero-padding...
CVE-2026-32129
soroban-poseidon provides Poseidon and Poseidon2 cryptographic hash functions for Soroban smart contracts. Poseidon V1 PoseidonSponge accepts variable-length inputs without injective padding. When a caller provides fewer inputs than the sponge rate inputs.len k, hashm1, ..., mk equals hashm1, ......
KeePassXC-Browser 安全漏洞
KeePassXC-Browser is an open source browser extension for KeePassXC. A security vulnerability exists in KeePassXC-Browser version 1.9.9.2 and earlier, which stems from auto-populating credentials in a sandboxed document, which could lead to credential disclosure...
The Trojan Example: Jailbreaking LLMs through Template Filling and Unsafety Reasoning
Large Language Models LLMs have advanced rapidly and now encode extensive world knowledge. Despite safety fine-tuning, however, they remain susceptible to adversarial prompts that elicit harmful content. Existing jailbreak techniques fall into two categories: white-box methods e.g., gradient-base...
EUVD-2002-0038
Malware in sbrugna...
EUVD-2018-10863
Malware in sbrugna...
EUVD-2016-0011
Malware in sbrugna...
EUVD-2016-6375
Malware in sbrugna...
EUVD-2019-9071
Malware in sbrugna...
EUVD-2017-16566
Malware in sbrugna...
EUVD-2025-31994
Malicious code in bioql PyPI...
SUSE CVE-2022-50428
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, there are several ve...
CVE-2022-50428
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, there are several ve...
UBUNTU-CVE-2022-50428
In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, there are several ve...