89 matches found
Use After Free
Overview: Affected versions of this package are vulnerable to Use After Free in the getas function of the boxednumber.hpp file. An attacker can cause memory corruption by manipulating input locally, potentially leading to application instability or a denial of service. Remediation: There is no fixe...
CVE-2026-27576
OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients, for example IDE...
CVE-2026-27576 OpenClaw: ACP prompt-size checks missing in local stdio bridge could reduce responsiveness with very large inputs
OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, the ACP bridge accepts very large prompt text blocks and can assemble oversized prompt payloads before forwarding them to chat.send. Because ACP runs over local stdio, this mainly affects local ACP clients, for example IDE...
OpenClaw Resource Management Error Vulnerability
OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Resource Management Error vulnerability that stems from an ACP bridge accepting too large a block of prompt text, which can be exploited by an attacker to cause problems with the processing of abnorm...
xfig: xfig: Stack-overflow allows possible code execution via local input manipulation
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezierspline function...
AZL-72559 CVE-2025-2296 affecting package hvloader for versions less than 1.0.1-15
EDK2 contains a vulnerability in BIOS where an attacker may cause “Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
Unity Linux 20.1070e Security Update: transfig (UTSA-2025-984801)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984801 advisory. In the xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to impact availability via local input manipulation via readarcobject function...
Unity Linux 20.1070e Security Update: transfig (UTSA-2025-984789)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984789 advisory. In the xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via readobjects function. Tenable has extracte...
Unity Linux 20.1070e Security Update: transfig (UTSA-2025-984794)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984794 advisory. A flaw was found in fig2dev. This vulnerability allows an impact on availability via local input manipulation via gengeitpspline function. Tenable has extracted the preceding...
EUVD-2025-8643
Malicious code in bioql PyPI...
EUVD-2025-8632
Malicious code in bioql PyPI...
EUVD-2025-8639
Malicious code in bioql PyPI...
EUVD-2025-12161
Malicious code in bioql PyPI...
EUVD-2025-12159
Malicious code in bioql PyPI...
EUVD-2025-12157
Malicious code in bioql PyPI...
EUVD-2025-12158
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-31163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Segmentation fault in fig2dev in version 3.2.9a allows an attacker to impact availability via local input manipulation via putpatternarc function. CVE-2025-31163 Note...