PT-2026-7870

Name of the Vulnerable Software and Affected Versions webtransport-go versions prior to 0.10.0 Description An attacker can cause unbounded memory consumption by repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing...

EUVD-2021-10881

Malware in sbrugna...

EUVD-2007-1788

Malware in sbrugna...

EUVD-2021-0463

Malware in sbrugna...

EUVD-2019-13494

Malware in sbrugna...

EUVD-2013-0847

Malware in sbrugna...

EUVD-2013-0767

Malware in sbrugna...

EUVD-2025-7439

Malicious code in bioql PyPI...

EUVD-2023-54431

Malicious code in bioql PyPI...

CVE-2024-3856

A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox 125...

CVE-2025-1934 Unexpected GC during RegExp bailout processing

It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

CVE-2023-48184

QuickJS before 7414e5f has a quickjs.h JSFreeValueRT use-after-free because of incorrect garbage collection of async functions with closures...

CVE-2024-3857

The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

CVE-2024-26780 af_unix: Fix task hung while purging oob_skb in GC.

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix task hung while purging oobskb in GC. syzbot reported a task hung; at the same time, GC was looping infinitely in listforeachentrysafe for OOB skb. 0 syzbot demonstrated that the listforeachentrysafe was not actually...

CVE-2023-5728

During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...

CVE-2023-4577

When UpdateRegExpStatics attempted to access initialStringHeap it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2...

SUSE-SU-2023:0736-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters bsc1208471. The following non-security bugs were fixed: - Fixed a crash in the garbage collection bsc1188607 - Fixed...

CVE-2021-39216

Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.19.0 and before version 0.30.0 there was a use-after-free bug when passing externrefs from the host to guest Wasm content. To trigger the bug, you have to explicitly pass multiple externrefs from the host to a...

UBUNTU-CVE-2016-6295

ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impac...

CVE-2014-3631

The assocarraygc function in the associative-array implementation in lib/assocarray.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified othe...