EUVD-2026-30968

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

CVE-2026-39855

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...

SUSE CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

SQLite 安全漏洞

SQLite is a lightweight database developed under the open-source SQLite project. It is an ACID-compliant relational database management system. SQLite versions prior to 3.51.1 have a security vulnerability. This vulnerability stems from the zipfileInflate function in the zipfile extension, which...

CVE-2025-70873

An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file...

Linux Distros Unpatched Vulnerability : CVE-2025-33220

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the readline function in the mdbload.c file. An attacker can cause a denial of service or potentially access limited heap memory contents by providing malformed input that triggers an unsigned offset calculation t...

EUVD-2015-8247

Malware in sbrugna...

EUVD-2017-6513

Malware in sbrugna...

EUVD-2017-14163

Malware in sbrugna...

EUVD-2018-5823

Malware in sbrugna...

EUVD-2015-8663

Malware in sbrugna...

EUVD-2024-39594

Malicious code in bioql PyPI...

EUVD-2024-39592

Malicious code in bioql PyPI...

EUVD-2024-39593

Malicious code in bioql PyPI...

CVE-2021-26305

An issue was discovered in Deserializer::readvec in the cdr crate before 0.2.4 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated heap memory, violating soundness...

CVE-2021-37655

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to tf.rawops.ResourceScatterUpdate. The implementation has an incomplete validation of the...

CVE-2022-41900

TensorFlow is an open source platform for machine learning. The security vulnerability results in FractionalMaxAVGPool with illegal poolingratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote...

SUSE CVE-2023-25668

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...

AZL-31200 CVE-2023-25668 affecting package tensorflow for versions less than 2.11.1-1

TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick...