EUVD-2025-15600

Malicious code in bioql PyPI...

firefox: thunderbird: Out-of-bounds access when optimizing linear sums

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

firefox: thunderbird: Out-of-bounds access when optimizing linear sums

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

OESA-2025-1548 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. This vulnerability affects Firefox 138.0.4, Firefox ESR 128.10.1, Firefox E...

OESA-2025-1545 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. This vulnerability affects Firefox 138.0.4, Firefox ESR 128.10.1, Firefox E...

CVE-2025-4919

CVE-2025-4919 describes an out-of-bounds read/write in JavaScript objects caused by confusing array index sizes, affecting Firefox including aliases (Firefox < 138.0.4, ESR < 128.10.1, ESR < 115.23.1) and Thunderbird (Thunderbird < 128.10.2; Thunderbird

CVE-2024-36740

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when index as a negative number exceeds the range of size...

SUSE CVE-2023-52565

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is bigger than the mask size, we might do an out of bound read...

GHSA-VFVJ-3M3G-M532 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

Summary Fuzz testing on crossplane/crossplane, by Ada Logics and sponsored by the CNCF, identified input to a function in the fieldpath package that can cause an out of memory panic. Applications that use the Paved type's SetValue method with user provided input without proper validation might us...

fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

Summary Fuzz testing on crossplane/crossplane, by Ada Logics and sponsored by the CNCF, identified input to a function in the fieldpath package that can cause an out of memory panic. Applications that use the Paved type's SetValue method with user provided input without proper validation might us...

CVE-2023-27483

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. An out of memory panic vulnerability has been discovered in affected versions. Applications that use the Paved type's SetValue method with user provided input without proper...

CVE-2023-27483 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. An out of memory panic vulnerability has been discovered in affected versions. Applications that use the Paved type's SetValue method with user provided input without proper...

SUSE CVE-2022-35952

TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...

CVE-2022-35952

TensorFlow is an open source platform for machine learning. The UnbatchGradOp function takes an argument id that is assumed to be a scalar. A nonscalar id can trigger a CHECK failure and crash the program. It also requires its argument batchindex to contain three times the number of elements as...

PT-2022-23053 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description: The UnbatchGradOp function in TensorFlow takes an argument id that is assumed t...