104 matches found
EUVD-2025-10076
Malicious code in bioql PyPI...
EUVD-2025-20018
Malicious code in bioql PyPI...
EUVD-2021-9467
Malicious code in bioql PyPI...
EUVD-2025-20452
Malicious code in bioql PyPI...
Advisory ROSA-SA-2025-2950
software: assimp 5.0.1 OS: ROSA-CHROME unaffected versions = assimp-5.0.1.1-6 affected versions assimp-5.0.1.1-6 CVE-ID: CVE-2024-45679 BDU-ID: 2025-02665 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the 3D model import library Open Asset Import Library Assimp is related to a buffer overflow in...
Linux Distros Unpatched Vulnerability : CVE-2018-18504
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a...
PT-2025-29843 · Gnu +1 · Gpac +1
Уязвимость функции gf filter pid inst swap утилиты MP4Box мультимедийной платформы GPAC связана с использованием памяти после освобождения. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании или выполнить произвольный код...
CVE-2025-20983
Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...
FreeBSD -- Use-after-free in multi-threaded xz decoder
Problem Description: A worker thread could free its input buffer after decoding, while the main thread might still be writing to it. This leads to an use-after-free condition on heap memory. Impact: An attacker may use specifically crafted .xz file to cause multi-threaded xz decoder to crash, or...
GHSA-MF3R-6M25-3867 Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session
SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to...
CVE-2024-52937
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...
CVE-2024-47893
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory...
CVE-2024-47893 GPU DDK - OOB read and write of the shared KMD/FW memory heap (VZ/TEE setups)
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory...
CVE-2025-0467
CVE-2025-0467 affects Imagination Technologies PowerVR-GPU kernel code used inside a guest VM. The vulnerability arises when memory shared with the GPU firmware can be abused by the guest to write data outside the virtualized GPU memory, potentially impacting data integrity and isolation between ...
CVE-2025-32366
A flaw was found in ConnMan's DNS proxy component. This vulnerability allows an attacker to cause a buffer overread or memory corruption via a crafted DNS response due to improper validation of the RDLENGTH field before using it in a memcpy operation. Mitigation Mitigation for this issue is eithe...
CVE-2025-2912
A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5Omsgflush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The...
Samsung Notes Out-of-Bounds Read Vulnerability (CNVD-2025-12768)
Samsung Notes is an application program from the South Korean company Samsung SAMSUNG. It is used to provide a recording function. Samsung Notes suffers from an out-of-bounds read vulnerability, which originates from an out-of-bounds read in a text content binary application, and can be exploited...
PT-2025-10823
Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description A use after free condition exists in Microsoft Office, allowing an unauthorized attacker to execute code. The issue enables remote attackers to execute arbitrary code and affect the...
Linux Distros Unpatched Vulnerability : CVE-2022-48303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of...
Linux Distros Unpatched Vulnerability : CVE-2013-1790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized...