43 matches found

Tenable Nessus
added 2026/05/11 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43894

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INT_MAX-1 (2147483646) digits, the D2U macro...

6.2 CVSS | 5.8 AI score | 0.00014 EPSS
Exploits: 1 | References: 4

IBM Security Bulletins
added 2026/05/04 12:32 p.m. | 3 views

Security Bulletin: UltraJSON Memory Leak in Large Integer Parsing Enables Denial of Service

Summary: UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large (outside of the range [-2^63, 2^64 - 1]) integers. The leaked memory is a copy of the string form of the intege...

7.5 CVSS | 6 AI score | 0.00077 EPSS
Exploits: 1 | Affected Software: 1

Packet Storm News
added 2026/04/24 12:0 a.m. | 1 views

Libgcrypt 1.12.2

Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers (AES, DES, Blowfish, CAST5, Twofish, and Arcfour), hash algorithms (MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192), MACs (HMAC for all hash...

5.3 AI score
Exploits: 0

Positive Technologies
added 2026/03/12 12:0 a.m. | 2 views

PT-2026-25089

soroban-sdk is a Rust SDK for Soroban contracts. Prior to 22.0.11, 23.5.3, and 25.3.0, the Fr scalar field types for BN254 and BLS12-381 in soroban-sdk compared values using their raw U256 representation without first reducing modulo the field modulus r. This caused mathematically equal field...

5.3 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits: 0 | References: 3

Packet Storm News
added 2026/01/29 12:0 a.m. | 3 views

Libgcrypt 1.12.0

Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers (AES, DES, Blowfish, CAST5, Twofish, and Arcfour), hash algorithms (MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192), MACs (HMAC for all hash...

6 AI score
Exploits: 0

Tenable Nessus
added 2025/11/13 12:0 a.m. | 2 views

Siemens SIMATIC S7-1500 Incorrect Type Conversion or Cast (CVE-2020-10735)

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not...

7.5 CVSS | 6.7 AI score | 0.00384 EPSS
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2009-2534

Malware in sbrugna...

7.8 CVSS | 6.4 AI score | 0.01227 EPSS
Exploits: 6 | References: 8

EUVD
added 2025/10/03 8:7 p.m. | 0 views

EUVD-2023-1919

Malicious code in bioql PyPI...

6.5 CVSS | 6.4 AI score | 0.00142 EPSS
Exploits: 1 | References: 3

NVD
added 2025/08/22 5:15 p.m. | 2 views

CVE-2025-55398

An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious inp...

9.8 CVSS | 0.00138 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/21 9:37 p.m. | 3 views

CVE-2008-5421

The SSL web administration service in NetWin SmsGate 1.1n and earlier allows remote attackers to cause a denial of service (hang) via (1) a large integer in the Content-Length HTTP header; (2) an invalid value in the Content-Length HTTP header, as demonstrated by a negative integer; or (3) a missing...

5 CVSS | 7.1 AI score | 0.00501 EPSS
Exploits: 1 | References: 1

OSV
added 2023/06/30 9:30 p.m. | 1 views

GHSA-XWC8-RF6M-XR86 hnswlib Double Free vulnerability

Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer...

6.5 CVSS | 6.6 AI score | 0.00142 EPSS
Exploits: 1 | References: 5

Github Security Blog
added 2023/06/30 9:30 p.m. | 19 views

hnswlib Double Free vulnerability

Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer...

6.5 CVSS | 7 AI score | 0.00142 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Prion
added 2023/06/30 7:15 p.m. | 14 views

Double free

Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer...

4.3 CVSS | 6.5 AI score | 0.00142 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2023/06/30 12:0 a.m. | 11 views

CVE-2023-37365

Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer...

6.7 AI score | 0.00142 EPSS
Exploits: 1 | References: 1

SUSE CVE
added 2023/02/15 4:55 a.m. | 1 views

SUSE CVE-2016-9391

The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer...

5.5 CVSS | 7.5 AI score | 0.01218 EPSS
Exploits: 0 | References: 8

Tenable Nessus
added 2022/10/01 12:0 a.m. | 47 views

SUSE SLED15 / SLES15 Security Update : python310 (SUSE-SU-2022:3473-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3473-1 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using...

7.5 CVSS | 7 AI score | 0.01395 EPSS
Exploits: 0 | References: 7

0day.today
added 2022/09/09 12:0 a.m. | 218 views

Sagemath 9.0 Overflow / Denial Of Service Exploit

sagemath 9.0 and reportedly later on ubuntu 20. sagemath gives access to the python interpreter, so code execution is trivial. We give DoS attacks, which terminates the sagemath process with abort, when raising symbolic expression to large integer power. We get abort with stack: gmp: overflow in...

0.2 AI score
Exploits: 0

CNNVD
added 2022/09/05 12:0 a.m. | 1 views

Python Code Issue Vulnerability

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. Python has a security vulnerability that can be exploited by an attacker to trigger a denial of service by...

7.5 CVSS | 7.3 AI score | 0.00384 EPSS
Exploits: 0 | References: 64

Huntr
added 2022/05/02 5:15 a.m. | 11 views

Improper handling of large integer values

Description In create Fee function, improper handling of large integer values in mount field value. Proof of Concept POST /demonstration/Modules.php?modname=StudentBilling/StudentFees.php HTTP/1.1 Host: www.rosariosis.org Cookie: RosarioSIS=kja39eaq6q73envhk6eo8300vgumn2612c5huvue08vgh66faog1...

0.1 AI score
Exploits: 0 | References: 1

CNNVD
added 2022/02/01 12:0 a.m. | 1 views

MariaDB Resource Management Error Vulnerability

MariaDB is a free and open source database management system from the MariaDB Mariadb Foundation and a forked version of MySQL with the Maria storage engine. A resource management error vulnerability exists in MariaDB that stems from the product's convert_const_to_int function reusing freed resource...

7.5 CVSS | 7.6 AI score | 0.00472 EPSS
Exploits: 1 | References: 24