Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: A boundary check was added before installing cq callbacks. A boundary check has been added inside manaibinstallcqcb to prevent index overflow...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as an array index when the EIOINTCENABLE register is modified. This can lead to an array index overflow issue...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Ensure that the index calculations will never cause an overflow. WHY & HOW Ensure that the calculations of vmid0p72idx, vnom0p8idx, and vmax0p9idx will never cause an overflow or exceed the array size. This fi...

golang: cmd/compile: possible memory corruption after bound check elimination

A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially...

CVE-2026-31970

HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP BGZF files. In the GZI loading function, bgzfindexloadhfile, it was possible to trigger an integer overflow, leading to an under- or zero-sized buffer being allocated to stor...

CVE-2026-31970 HTSlib BGZF index file reader has a heap buffer overflow

HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP BGZF files. In the GZI loading function, bgzfindexloadhfile, it was possible to trigger an integer overflow, leading to an under- or zero-sized buffer being allocated to stor...

Linux Distros Unpatched Vulnerability : CVE-2026-31970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP BGZF files. In the GZI loading...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.382.b05-1.el7 (AXSA:2023-6248:13)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6248:13 advisory. OpenJDK: improper handling of slash characters in URI-to-path conversion 8305312 CVE-2023-22049 OpenJDK: array indexing integer overflow issue 83044...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of folionextindex may result in an overflow that could lead to data corruption...

CLSA-2025-1767028399 java-11-openjdk: Fix of 5 CVEs

Upgrade to openjdk-11.0.29+7 GA. The following CVEs were fixed: - CVE-2023-48161: fix buffer overflow vulnerability - CVE-2024-21147: RangeCheckElimination array index overflow - CVE-2025-21587: fix TLS connection support to avoid unauthorized access to critical data - CVE-2025-53057: enhance...

📄 libxml2 2.9.14 (2022) Heap Buffer Overflow

libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. ============================================================================================================================================= | Title : libxml2 2.9.14...

SUSE CVE-2025-59942

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

EUVD-2002-1371

Malware in sbrugna...

EUVD-2025-22636

Malicious code in bioql PyPI...

CVE-2025-59942

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

CVE-2025-59942 go-f3 module vulnerable to integer overflow leading to panic

go-f3 is a Golang implementation of Fast Finality for Filecoin F3. In versions 0.8.6 and below, go-f3 panics when it validates a "poison" messages causing Filecoin nodes consuming F3 messages to become vulnerable. A "poison" message can can cause integer overflow in the signer index validation,...

PT-2025-39917

Name of the Vulnerable Software and Affected Versions go-f3 versions 0.8.6 and earlier Description go-f3 is a Golang implementation of Fast Finality for Filecoin F3. Versions 0.8.6 and below experience a panic when validating specific "poison" messages. These messages can trigger an integer...

CVE-2025-57059

Affected product: Tenda G3 router (v3.0br_V15.11.0.17). The issue is a stack overflow in the dhcpIndex parameter of the addDhcpRule function, caused by insufficient input validation of length/size. Impact: Denial of Service via a crafted request. Root cause: buffer/stack overflow in a DHCP rule c...

Linux Distros Unpatched Vulnerability : CVE-2024-38542

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: boundary check before installing cq callbacks Add a boundary check inside...

SUSE CVE-2025-38367

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modify register EIOINTCENABLE. There will be array index overflow problem...