13 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991282)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991282 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime. As Andrew pointed out, it will make...
EUVD-2000-0345
Malware in sbrugna...
EUVD-2025-16352
Malicious code in bioql PyPI...
GO-2025-3706 Fiber panics when fiber.Ctx.BodyParser parses invalid range index in github.com/gofiber/fiber
AZL-53420 CVE-2024-50195 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: posix-clock: Fix missing timespec64 check in pc_clock_settime. As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tv_sec and tv_nsec range before calling ptp->info->settime64. As the man manual of...
CVE-2023-52764
In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker. Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int'. When the...
PYSEC-2023-319
WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in DataSegment::IsValidRange, which leads to a segmentation fault...
Denial Of Service (DoS)
libtiff.so on Amazon Linux is vulnerable to denial of service. The vulnerability exists because an invalid range may be passed as an argument to the memset function within TIFFFetchStripThing of tif_dirread.c, which allows an attacker to cause an application crash by passing a malicious TIFF file...
MGASA-2018-0430 Updated lighttpd packages fix security vulnerabilities
Updated lighttpd package fixes security vulnerabilities: Potential path traversal with specific configs or in some use cases in mod_alias. Use-after-free with invalid Range requests in core. Process headers after combining folded headers in core. Skip username "." and ".." in mod_userdir...
Design/Logic Flaw
The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control before a corresponding...
CVE-2013-1322
Microsoft Publisher 2003 SP3 is affected by CVE-2013-1322, a remote code execution vulnerability caused by improper validation of table range data in Publisher files. A crafted Publisher document can trigger arbitrary code execution in the context of the logged-in user. The issue is part of a bro...
CVE-2000-0346
CVE-2000-0346 affects AppleShare IP 6.1 and later. A remote attacker can read potentially sensitive information by issuing an invalid range request to the web server. The provided sources confirm the affected product and the nature of the information disclosure, but do not include details on patc...
CVE-2000-0346
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server...