147 matches found
CVE-2025-47816
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...
GNU PSPP 安全漏洞
GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from an out-of-bounds read vulnerability that stems from spvxmlparseattributes, no details of the vulnerability are provided at this time...
PT-2025-20644 · Gnu +1 · Gnu Pspp +1
Name of the Vulnerable Software and Affected Versions: GNU PSPP versions 2.0.1 and earlier Description: The issue allows attackers to cause an out-of-bounds read in spvxml-helpers.c spvxml parse attributes, related to extra content at the end of a document. Recommendations: For GNU PSPP versions...
CVE-2025-47816
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...
PT-2025-20643 · Gnu +1 · Gnu Pspp +1
Name of the Vulnerable Software and Affected Versions: GNU PSPP versions 2.0.1 and earlier Description: The issue allows attackers to cause a heap-based buffer overflow in the inflate read function, which is called indirectly from zip member read all in zip-reader.c. This can be exploited to caus...
CVE-2025-47815
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...
CVE-2025-47815
CVE-2025-47815 affects GNU PSPP up to version 2.0.1, via the libpspp-core.a component. The issue is a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c, due to improper validation of input length/size. This is the stated root cause and vulnera...
CVE-2025-47814
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...
CVE-2025-47816
CVE-2025-47816 affects GNU PSPP (libpspp-core.a) through version 2.0.1. The vulnerability is an out-of-bounds read in spvxml_parse_attributes (spvxml-helpers.c), related to extra content at the end of a document. All provided connected sources corroborate this issue. Practical impact is an out-of...
CVE-2025-47814
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...
CVE-2025-47815
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...
CVE-2025-47816
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...
CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
DEBIAN-CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
CVE-2025-47229
CVE-2025-47229 affects GNU PSPP (libpspp-core.a) up to version 2.0.1. The root cause is a denial-of-service condition triggered by crafted input data that causes a var_set_leave_quiet assertion failure and application exit, via a call path from src/data/dictionary.c into src/data/variable.c. Mult...
CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
PT-2025-18938 · Gnu +1 · Gnu Pspp +1
Name of the Vulnerable Software and Affected Versions: GNU PSPP versions through 2.0.1 Description: The issue allows attackers to cause a denial of service, resulting in an application exit, via crafted input data. This can be triggered by specific data that causes a call from the...