GHSA-W8MW-FRC6-R7M8 ImageMagick: Invalid MSL <map> can result in a use after free

The MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed...

EUVD-2026-7412

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...

EUVD-2021-0355

Malware in sbrugna...

EUVD-2018-8351

Malware in sbrugna...

EUVD-2018-8350

Malware in sbrugna...

EUVD-2025-6593

Malicious code in bioql PyPI...

EUVD-2022-5300

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-48945

pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS...

CVE-2025-48945 pycares has a Use-After-Free Vulnerability

pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS...

pycares 资源管理错误漏洞

pycares is a python library by the individual developers at saghul. A resource management error vulnerability exists in pycares versions prior to 4.9.0, which stems from post-release reuse and may cause the interpreter to crash...

CVE-2025-48945

A flaw was found in pycares. A use-after-free condition arises when a Channel object is garbage collected while associated DNS queries remain pending, leading to a fatal Python error and interpreter crash. This vulnerability allows a local attacker to trigger the crash by initiating DNS queries a...

GHSA-5QPG-RH4J-QP35 pycares has a Use-After-Free Vulnerability

Summary pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS queries are still pending. This results in a fatal Python error and interpreter crash. Details Root Cause The vulnerability stems from improper handling of callback...

GHSA-V432-7F47-9G94 PostQuantum-Feldman-VSS'S Dependency Vulnerability in gmpy2 Leading to Interpreter Crash

Description: PostQuantum-Feldman-VSS, a Python library implementing Feldman's Verifiable Secret Sharing scheme with post-quantum security, was vulnerable to denial-of-service attacks in versions up to and including 0.7.6b0. This vulnerability stems from the library's reliance on the gmpy2 library...

PostQuantum-Feldman-VSS'S Dependency Vulnerability in gmpy2 Leading to Interpreter Crash

Description: PostQuantum-Feldman-VSS, a Python library implementing Feldman's Verifiable Secret Sharing scheme with post-quantum security, was vulnerable to denial-of-service attacks in versions up to and including 0.7.6b0. This vulnerability stems from the library's reliance on the gmpy2 library...

SUSE CVE-2021-47300

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 "bpf: Track subprog poke descriptors correctly and fix use-after-free" under various failure conditions, for example, when...

SUSE CVE-2017-14033

The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service interpreter crash via a crafted string...

SUSE CVE-2018-15910

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code...

SUSE CVE-2018-16541

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter...

SUSE CVE-2021-29614

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...

SUSE CVE-2022-1201

NULL Pointer Dereference in mrbvmexec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system...