USN-8251-1 libpng1.6 vulnerabilities

It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : DjVuLibre vulnerabilities (USN-8054-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8054-1 advisory. It was discovered that DjVuLibre could be forced to execute a division by zero in certain instances. A...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to improper memory handling and result in an unexpected process crash...

SUSE CVE-2025-66287

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

EUVD-2021-18491

Malware in sbrugna...

EUVD-2020-24450

Malware in sbrugna...

EUVD-2022-26196

Malicious code in bioql PyPI...

Appneta Tcpreplay 安全漏洞

Appneta Tcpreplay is an open source network message playback utility from Appneta. A security vulnerability exists in Appneta Tcpreplay version 4.5.1, which stems from the tcpliveplay utility incorrectly handling memory when processing specially crafted pcap files, which could result in a denial ...

CVE-2020-0677

An information disclosure vulnerability exists in the Cryptography Next Generation CNG service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update...

CVE-2020-1054

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143...

CVE-2020-1226

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1225...

CVE-2019-0901

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-089...

CVE-2025-21899 tracing: Fix bad hist from corrupting named_triggers list

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix bad hist from corrupting namedtriggers list The following commands causes a crash: cd /sys/kernel/tracing/events/rcu/rcucallback echo 'hist:name=bad:keys=commonpid:onmaxbogus.savecommonpid' trigger bash: echo: write...

USN-7259-2: GNU C Library vulnerability

USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that GNU C Library incorrectly handled memory when using the assert function. An attacker could possibly use this issue to cause a...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46673)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46673 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe...

Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞

Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliance are both products of Cisco, Inc.Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Adaptive Security Appliance is a network appliance. It is used to protect...

CVE-2022-20946

A vulnerability in the generic routing encapsulation GRE tunnel decapsulation feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory handling err...

Cisco Firepower Threat Defense Software Generic Routing Encapsulation Denial of Service Vulnerability

A vulnerability in the generic routing encapsulation GRE tunnel decapsulation feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory handling err...

USN-5638-1 expat vulnerability

Rhodri James discovered that Expat incorrectly handled memory when processing certain malformed XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

UBUNTU-CVE-2022-30045

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmldecode performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read...