GHSA-6WX8-W4F5-WWCR Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption

Summary Concurrent::ReadWriteLockreleasewritelock does not verify that the calling thread acquired the write lock. Any thread with access to the lock object can release an active write lock held by another thread. A second writer can then enter its critical section while the first writer is still...

PT-2026-51092

Name of the Vulnerable Software and Affected Versions concurrent-ruby versions prior to 1.3.7 Description A synchronization correctness issue exists in the public Concurrent::ReadWriteLock API. The function release write lock does not verify if the calling thread actually acquired the write lock,...

CVE-2026-9137

CVE-2026-9137 affects the CSP report endpoint in MISP. The endpoint intended to cap CSP report payloads at 1 KB was incorrectly allowing reports up to 1 MB before truncation, enabling potential log flooding and resource exhaustion on deployments where the endpoint is reachable by untrusted client...

CVE-2026-9137 CSP Report Endpoint Log Flooding in MISP via Incorrect Size Limit

The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...

CLSA-2026-1772811390 php: Fix of CVE-2017-9119

CVE-2017-9119: handle memory limit error during string reallocation correctly...

EUVD-2018-17512

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling the platformmax control value, which could result in a volume limit error...

Intel RealSense ID Buffer Error Vulnerability

Intel RealSense ID is a facial recognition solution from Intel Corporation USA that relies on its RealSense depth sensing technology. A security vulnerability exists in IntelR RealSenseTM 450 FA version 0.25.0, which stems from incorrect buffer limits. An attacker could exploit the vulnerability ...

Malicious user may force gas limit error on created proposals

Lines of code Vulnerability details Impact User can create a proposal with arbitrary long array of targets. Function cancel iterates over those targets. Since this array may be long - the risk of out-of-gas error may occur - making the contract to be unable to cancel the proposal as cancel would...

Intel NUC 缓冲区错误漏洞

The Intel NUC is a small minicomputer from Intel USA. A security vulnerability exists in Intel NUC Laptop Kits that stems from incorrect buffer limits. An attacker exploited the vulnerability to elevate privileges...

Too many setToken modules may cause gas limit error

Lines of code Vulnerability details Impact Too many setToken modules may cause gas limit error. Has these impacts: 1. These setToken can't be initialized in NotionalTradeModule 2. Cannot remove any module from that setToken Proof of Concept / @dev MANGER ONLY: Initialize given SetToken with initi...

Intel NUC Buffer Limit Error Vulnerability

The Intel NUC 8 Mainstream Game Kit, among others, is a small desktop computer from Intel Corporation USA. A buffer limit error vulnerability exists in the firmware of the Intel NUC, which arises from a program's failure to properly perform buffer limiting and can be exploited by a local attacker...

The vulnerability of the libxml2 library, related to the execution of a loop with an unreachable exit condition, allows attackers to cause a service failure.

The vulnerability of the libxml2 library lies in the execution of a loop with an unreachable exit condition an infinite loop. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure by using a specially created XML file that triggers lzmamemlimiterror...

Fedora 28 : php (2018-6855bf9ff3)

PHP version 7.2.12 08 Nov 2018 Core: - Fixed bug php76846 Segfault in shutdown function after memory limit error. Nikita - Fixed bug php76946 Cyclic reference in generator not detected. Nikita - Fixed bug php77035 The phpize and ./configure create redundant .deps file. Peter Kokot - Fixed bug...

DEBIAN-CVE-2018-14567

libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251...

PT-2017-12931 · Imagemagick +2 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 6.9.7-10 Description: The issue causes a crash when image dimensions are too large, instead of reporting a "width or height exceeds limit" error. This can be demonstrated using the mpc coder. Recommendations: For...