GHSA-CH88-C67Q-65R9 aiwaves-cn agents is vulnerable to resource consumption in the recall_relevant_memories_to_working_memory function

A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59. Affected by this issue is the function recallrelevantmemoriestoworkingmemory of the file core/cat/lookingglass/straycat.py of the component cheshirecatcore. This manipulation causes resource...

CVE-2025-47358

Memory Corruption when user space address is modified and passed to memfree API, causing kernel memory to be freed inadvertently...

PT-2026-5671

Memory Corruption when multiple threads simultaneously access a memory free API...

Azure Linux 3.0 Security Update: fltk (CVE-2020-14152)

The version of fltk installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-14152 advisory. - In IJG JPEG aka libjpeg before 9d, jpegmemavailable in jmemnobs.c in djpeg does not honor the maxmemorytouse...

CVE-2025-44904

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VMmemcpyvv function...

CVE-2024-47540 GHSL-2024-197: GStreamer uses uninitialized stack memory in Matroska/WebM demuxer

GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gstmatroskademuxaddwvpkheader function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence AI tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from the use of kfree to free memory instead of kvfree...

PT-2024-40683 · Libspdm · Libspdm

Name of the Vulnerable Software and Affected Versions: libspdm affected versions not specified Description: The issue is related to a heap-buffer-overflow read. Technical details about the crash include the libspdm copy mem function and the libspdm get response chunk send function. No information...

Null pointer dereference

Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c...

CVE-2021-34381

Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tzmapsharedmem function, which might lead to denial of service, information disclosure, or data tampering...

AZL-45315 CVE-2020-14152 affecting package fltk for versions less than 1.3.8-1

In IJG JPEG aka libjpeg before 9d, jpegmemavailable in jmemnobs.c in djpeg does not honor the maxmemorytouse setting, possibly causing excessive memory consumption...

DENX Software Engineering U-Boot Input Validation Vulnerability

DENX Software Engineering U-Boot is a bootloader from DENX Software Engineering, Germany, that can read device configuration from AES encrypted files. An input validation vulnerability exists in the Verified boot signature verification in DENX Software Engineering U-Boot. An attacker could exploi...

Internet Bug Bounty: memcpy negative parameter _bc_new_num_ex

Upstream Bug --- https://bugs.php.net/bug.php?id=73190 Summary -- When scale parameter value in \bcnewnumex is large enough 0x7fffffff, memset function receive negative size parameter. Affected functions: bcsub, bcadd , bcsqrt ... Source code:...

[NGSEC-2002-1] Ettercap, remote root compromise

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Next Generation Security Technologies http://www.ngsec.com Security Advisory Title: Ettercap, remote root compromise ID: NGSEC-2002-1 Application: ettercap 0.6.3.1 and older http://ettercap.sourceforge.net Date: 05/02/2002 Status: Vendor Contacted, ne...