113 matches found
CVE-2025-4605
CVE-2025-4605 relates to Autodesk Maya parsing of .usdc via MayaUSD, where an adversary‑crafted file can trigger an uncontrolled memory allocation, leading to DoS or data corruption. Connected sources specify affected software: Autodesk Maya (prior to 2025.3.1) and MayaUSD (prior to 0.32.0). The ...
AlmaLinux 9 : osbuild-composer (ALSA-2025:7425)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7425 advisory. golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 Tenable has extracted the preceding description block directly from...
CVE-2022-36146
SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new at asannewdelete.cpp...
CVE-2021-36174
A memory allocation with excessive size value vulnerability in the license verification function of FortiPortal before 6.0.6 may allow an attacker to perform a denial of service attack via specially crafted license blobs...
CVE-2020-6610
GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in readsectionsmap in decoder2007.c...
CVE-2025-46713
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 0.0.1 and prior to 1.15.12, APISETSECUREPARAM may have an arithmetic overflow deep in the memory allocation subsystem that would lead to a smaller allocation than requeste...
CVE-2019-20009
An issue was discovered in GNU LibreDWG before 0.93. Crafted input will lead to an attempted excessive memory allocation in dwgdecodeSPLINEprivate in dwg.spec...
Important: Red Hat Security Advisory: osbuild-composer security update
An update for osbuild-composer is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
ALSA-2025:7967 Important: osbuild-composer security update
A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...
CVE-2025-27533 Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service DoS by depleting process memor...
CVE-2025-27533
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service DoS by depleting process memor...
ALSA-2025:4669 Important: osbuild-composer security update
A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes:...
Important: Red Hat Security Advisory: osbuild-composer security update
An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
CVE-2023-53134
CVE-2023-53134 is a Linux kernel issue affecting the bnxt_en driver where 4K-page systems could experience memory-allocation failure when tracking concurrent TPA (GRO/LRO) completions on 4K pages (up to 256 on P5). The root cause was an order-5 allocation for TPA data. The patch changes allocatio...
CVE-2023-53061 ksmbd: fix possible refcount leak in smb2_open()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible refcount leak in smb2open Reference count of acls will leak when memory allocation fails. Fix this by adding the missing posixaclrelease...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.1.5
Logging for Red Hat OpenShift - 6.1.5 Logging for Red Hat OpenShift - 6.1.5 lokistack-gateway-container: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204...
ALSA-2025:3344 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 For more details about the security issues, including the impact, a CVSS...
RLSA-2024:9195 Moderate: cyrus-imapd security update
The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and SIEVE support. Security Fixes: cyrus-imapd: unbounded memory allocation by sending many LITERALs in a single command CVE-2024-34055 For more details about the security issues, including the impact, a CVSS...
cyrus-imapd security update
An update is available for cyrus-imapd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cyrus-imapd packages contain a high-performance mail server with IMAP...
CVE-2022-49453
In the Linux kernel, the following vulnerability has been resolved: soc: ti: tiscipmdomains: Check for null return of devmkcalloc The allocation funciton devmkcalloc may fail and return a null pointer, which would cause a null-pointer dereference later. It might be better to check it and directly...