25 matches found
EUVD-2020-19796
Malware in sbrugna...
EUVD-2024-53814
Malicious code in bioql PyPI...
EUVD-2022-54874
Malicious code in bioql PyPI...
EUVD-2021-8947
Malicious code in bioql PyPI...
PT-2025-33763 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The perf mmap function in the Linux kernel does not correctly handle buffer mapping failures. Specifically, if mapping a buffer read-only into the page table fails after successful...
CVE-2023-53061 ksmbd: fix possible refcount leak in smb2_open()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible refcount leak in smb2open Reference count of acls will leak when memory allocation fails. Fix this by adding the missing posixaclrelease...
CVE-2025-21950 drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmdioctl In the "pmcmdioctl" function, three memory objects allocated by kmalloc are initialized by "hcallgetcpustate", which are then copied to user space. The...
CVE-2022-49676
In the Linux kernel, the following vulnerability has been resolved: memory: samsung: exynos5422-dmc: Fix refcount leak in ofgetdramtimings ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. This function doesn't call ofnodeput in...
CVE-2022-42896
There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2capcore.c's l2capconnect and l2capleconnectreq functions which may allow code execution and leaking kernel memory respectively remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via...
Mozilla Thunderbird Security Advisory (MFSA2022-42) - Mac OS X
Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
Security update for wireshark (important)
openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2021:2125-1 Rating: important References: 1179930 1179931 1179932 1179933 1180102 1180232 1181598 1181599 1183353 1184110 1185128 Cross-References: CVE-2020-26418 CVE-2020-26419 CVE-2020-26420 CVE-2020-26421...
CVE-2021-21779
A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger this...
Double free
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in...
CVE-2020-15710
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in...
CVE-2020-9837
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory...
February 13, 2018—KB4074598 (Monthly Rollup)
February 13, 2018—KB4074598 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4057400 released January 19, 2018 and addresses the following issues: Addresses issue with editing input fields in some applications in Internet...
CVE-2017-11301
An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses...
VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Exploit
Exploit for windows platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the...
SUSE-SU-2016:0457-1 Security update for rubygem-actionpack-4_2
This update for rubygem-actionpack-42 fixes the following issues: - CVE-2016-0751: Object Leak DoS bsc963331 - CVE-2015-7581: unbounded memory growth DoS via wildcard controller routes bsc963335 - CVE-2016-0752: directory traversal and information leak in Action View bsc963332 - CVE-2015-7576:...
Updated libebml packages fix security vulnerability
In EbmlMaster::Read in libebml before 1.3.3, when the parser encountered a deeply nested element with an infinite size then a following element of an upper level was not propagated correctly. Instead the element with the infinite size was added into the EBML element tree a second time resulting i...