Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Prevent “decltag” from being referenced in “funcproto” arguments. Syzkaller managed to encounter another issue with “decltag”: btffuncprotocheck kernel/bpf/btf.c:4506 inline btfcheckalltypes kernel/bpf/btf.c:4734 inline...

ROS-20260113-7328

A vulnerability in the checkfuncarg function of the kernel/bpf/verifier.c module of the Linux kernel is related to improper control of resource identifiers "resource injection". Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of...

CVE-2022-50883

CVE-2022-50883 concerns the Linux kernel, where a bpf-related vulnerability allowed a decl_tag to be referenced in a function prototype argument. The issue surfaces when parsing BTF/func_proto during bpf_btf_load and related paths, as Syzkaller traced an offending decl_tag usage through btf_func_...

EUVD-2017-0265

Malware in sbrugna...

EUVD-2024-48881

Malicious code in bioql PyPI...

EUVD-2025-27267

Malicious code in bioql PyPI...

EUVD-2024-55013

Malicious code in bioql PyPI...

CVE-2024-45432

OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...

CVE-2024-45432

OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...

CVE-2024-45432

OpenSynergy BlueSDK (Blue SDK) Bluetooth stack up to 6.x contains a flaw caused by an incorrect variable used as a function argument (and related network-packet handling issues in some reports). The vulnerability can lead to unexpected behavior and potential information disclosure, with CVE-2024-...

CVE-2024-8006

Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcapfindalldevsex. One of the function arguments can be a filesystem path, which normally means a directory with...

PT-2024-20340 · Unknown · @Bit/Loader

Name of the Vulnerable Software and Affected Versions: @bit/loader version 10.0.3 Description: A Prototype Pollution issue allows an attacker to execute arbitrary code via the M function e argument in index.js. Recommendations: For version 10.0.3, consider disabling the M function until a patch i...

CVE-2023-31918

Jerryscript 3.0 commit 1a2c047 was discovered to contain an Assertion Failure via the parserparsefunctionarguments at jerry-core/parser/js/js-parser.c...

[SECURITY] [DLA 3290-1] libzen security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3290-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 29, 2023 https://wiki.debian.org/LTS -...

Session fixation

There is an Assertion in 'contextp-nextscannerinfop-type == SCANNERTYPEFUNCTION' failed at parserparsefunctionarguments in /js/js-parser.c of JerryScript commit a6ab5e9...

Unspecified Vulnerability in JerryScript (CNVD-2021-42991)

JerryScript is a lightweight JavaScript engine . A security vulnerability exists in parserparsefunctionarguments in /home/JerryScript/jerry-core/parser/js/js-parser.c in JerryScript version 2.2.0. No details of the vulnerability are provided at this time...

CVE-2020-15202

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...

CVE-2019-10802

giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull" is executed by the package without any validation...

PHP crack_opendict() extension buffer overflow

Buffer overflow on oversized function argument...