10 matches found
EUVD-2025-20066
Malicious code in bioql PyPI...
CVE-2025-37892 mtd: inftlcore: Add error check for inftl_read_oob()
In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Add error check for inftl_read_oob(). In INFTL_findwriteunit(), the return value of inftl_read_oob() needs to be checked. A proper implementation can be found in INFTL_deleteblock(). The status will be set as SECTOR_IGNORE to brea...
The function _initProposalImpl should have access control checks to restrict who can initialize or change the implementation.
Vulnerability details: M4 - The function _initProposalImpl should have access control checks to restrict who can initialize or change the implementation. PoC (Solidity): function _initProposalImpl(IProposalExecutionEngine impl, bytes memory initData) internal onlyAuthorized Assessed type...
The vulnerability of Google GRPC’s remote procedure call system lies in insufficient input validation and improper implementation of functions, allowing attackers to trigger service failures.
The vulnerability of Google GRPC process callouts is related to insufficient validation of input data and improper implementation of functions. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of Google GRPC’s remote procedure call system, related to insufficient input validation and improper implementation of functions, allows a perpetrator to trigger a service failure.
The vulnerability of Google GRPC process callouts is related to insufficient validation of input data and improper implementation of functions. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
changeRewardSpeed function at the MultiRewardStaking contract is incorrectly implemented and can leave the staking of a token on a denial of service state (copy)
Lines of code Vulnerability details Impact The changeRewardSpeed function from the MultiRewardStaking.sol contract lacks documentation on how exactly it should work. By its name and some comments above it, I infer that the function must change the rate of tokens rewards per unit of time. For...
CVE-2022-23585 Memory leak in decoding PNG images in Tensorflow
TensorFlow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode(..., &decode), the decode value contains allocated buffers which can only be freed by calling...
setGuardian() Wrong implementation
Handle: WatchPug. Vulnerability details: function setGuardian(address _guardian) external onlyGovernance { governance = _guardian; } governance = _guardian should be guardian = _guardian.
The vulnerability of Linux operating system kernels, related to insufficient input validation and improper implementation of functions, allows attackers to trigger service failures.
The vulnerability of Linux operating system kernels is related to insufficient validation of input data and incorrect implementation of functions. Exploiting this vulnerability can allow an attacker, working remotely, to cause service failures by sending location updates via the IAPP protocol,...
GNU Bash - 'Shellshock' Environment Variable Command Injection
Exploit Database Note: The following is an excerpt from: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ Like “real” programming languages, Bash has functions, though in a somewhat limited implementation, and it is possible to put the...