
23 matches found

Tenable Nessus
added 2025/12/26 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-54132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while...

AI score: 6 · EPSS: 0.00046
Exploits: 0 · References: 2

OSV
added 2025/12/17 1:7 p.m. · 4 views

SUSE-SU-2025:4432-1 Security update for libpng12

This update for libpng12 fixes the following issues: - CVE-2025-64505: Fixed heap buffer over-read in png_do_quantize via malformed palette index (bsc#1254157)...

CVSS: 6.1 · AI score: 6.6 · EPSS: 0.00014
Exploits: 2 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-18598

Malicious code in bioql PyPI...

AI score: 8.2 · EPSS: 0.00049
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-17441

Malicious code in bioql PyPI...

CVSS: 9.8 · AI score: 7.9 · EPSS: 0.00953
Exploits: 1 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-6794

Malicious code in bioql PyPI...

CVSS: 9.8 · AI score: 9.2 · EPSS: 0.00231
Exploits: 0 · References: 7

Tenable Nessus
added 2025/08/15 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-42064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip pipe if the pipe idx not set properly why Driver crashes when pipe idx...

CVSS: 5.5 · AI score: 5.7 · EPSS: 0.00017
Exploits: 0 · References: 2

IBM Security Bulletins
added 2025/07/25 12:31 p.m. · 5 views

Security Bulletin: An issue was discovered in pip (all versions) because it installs the version with the highest version number, which affects IBM watsonx.data

Summary: An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package do...

CVSS: 7.8 · AI score: 5.5 · EPSS: 0.03726
Exploits: 0 · Affected Software: 1

NVD
added 2025/06/18 10:15 a.m. · 3 views

CVE-2025-38055

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq. Currently, using PEBS-via-PT with a sample frequency instead of a sample period, causes a segfault. For example: BUG: kernel NULL pointer dereference, address:...

CVSS: 5.5 · EPSS: 0.00049
Exploits: 0 · References: 3

OSV
added 2025/05/01 12:55 p.m. · 7 views

CVE-2025-37739 f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() syzbot reports an UBSAN issue as below: ------------ cut here ------------ UBSAN: array-index-out-of-bounds in fs/f2fs/node.h:381:10 index 18446744073709550692 is...

CVSS: 7.1 · AI score: 6.1 · EPSS: 0.00067
Exploits: 0 · References: 13

RedhatCVE
added 2024/12/24 1:27 p.m. · 9 views

CVE-2024-53156

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51 index 255 is out of range for type...

CVSS: 7.1 · AI score: 6.6 · EPSS: 0.00021
Exploits: 0 · References: 4

CNVD
added 2024/09/29 12:0 a.m. · 8 views

Unspecified vulnerability in Linux kernel (CNVD-2024-40278)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not avoiding the use of negative values when dealing with array indexes. No details of the vulnerability are...

CVSS: 7.8 · AI score: 6.5 · EPSS: 0.00014
Exploits: 0 · References: 1

OSV
added 2024/08/22 8:15 p.m. · 4 views

PYSEC-2024-192

An issue was discovered in llama_index before 0.10.38. download/integration.py includes an exec call for import {cls_name}...

CVSS: 8.8 · AI score: 8.7 · EPSS: 0.00212
Exploits: 0 · References: 2

Positive Technologies
added 2024/07/10 12:0 a.m. · 3 views

PT-2024-18936 · Audify · Audify

Name of the Vulnerable Software and Affected Versions: audify versions all Description: The issue arises from improper validation of array index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions, as it is not checked for negative values. This can le...

CVSS: 8.7 · AI score: 6.9 · EPSS: 0.00291
Exploits: 0 · References: 12

Cvelist
added 2024/06/06 5:10 p.m. · 15 views

CVE-2024-36742

An issue in the oneflow.scatter_nd parameter OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index parameter exceeds the range of shape...

EPSS: 0.00127
Exploits: 0 · References: 1

Prion
added 2024/05/21 4:15 p.m. · 4 views

CVE-2023-52812

In the Linux kernel, the following vulnerability has been resolved: drm/amd: check num of link levels when update pcie param. In SR-IOV environment, the value of pcie_table->num_of_link_levels will be 0, and num_of_levels - 1 will cause array index out of bounds...

CVSS: 7.8 · EPSS: 0.00016
Exploits: 0 · References: 7

Cvelist
added 2024/04/02 10:31 a.m. · 10 views

CVE-2023-51455

An Improper Validation of Array Index issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to corrupt a controlled memory location due to a missing input validation in the on_receive_session_packet_ack function implemented in the libv2_sdk.so...

CVSS: 6.8 · AI score: 7.1 · EPSS: 0.00089
Exploits: 0 · References: 1

OSV
added 2022/07/07 8:22 a.m. · 2 views

CLSA-2022-1657182150 Fix CVE(s): CVE-2022-2129, CVE-2022-2124, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720

SECURITY UPDATE: Reading past end of line with "gf" in Visual block mode - debian/patches/CVE-2022-1720.patch: Do not include the NUL in the length - CVE-2022-1720 SECURITY UPDATE: Searching for quotes may go over the end of the line - debian/patches/CVE-2022-2124.patch: Check for running into th...

CVSS: 7.8 · AI score: 7.3 · EPSS: 0.00575
Exploits: 5 · References: 1

OSV
added 2021/11/16 4:48 p.m. · 7 views

SUSE-SU-2021:3675-1 Security update for the Linux Kernel

The following security bugs were fixed: - CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063). - CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563). - CVE-2021-3715: Fixed a...

CVSS: 8.8 · AI score: 7.6 · EPSS: 0.00929
Exploits: 7 · References: 87

CNVD
added 2021/06/11 12:0 a.m. · 4 views

BlueZ buffer overflow vulnerability (CNVD-2021-44978)

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. BlueZ suffers from a buffer overflow vulnerability that stems from the cli_feat_read_cb function in src/gatt-database.c failing to perform a bounds check on the...

CVSS: 3.3 · AI score: 7 · EPSS: 0.00121
Exploits: 1 · References: 1

OSV
added 2020/08/05 8:15 p.m. · 25 views

CVE-2020-15112

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...

CVSS: 6.5 · AI score: 6.3 · EPSS: 0.00149
Exploits: 0 · References: 2