479 matches found
EUVD-2021-34664
Malicious code in bioql PyPI...
EUVD-2023-36680
Malicious code in bioql PyPI...
EUVD-2022-54876
Malicious code in bioql PyPI...
EUVD-2022-54766
Malicious code in bioql PyPI...
EUVD-2023-2881
Malicious code in bioql PyPI...
EUVD-2023-1504
Malicious code in bioql PyPI...
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
...
USN-7756-1 imagemagick vulnerabilities
It was discovered that ImageMagick did not properly handle memory when performing magnified size calculations. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-55154 Woojin Park, Hojun Lee,...
CLSA-2025-1758039948 protobuf: Fix of CVE-2022-1941
CVE-2022-1941: fix parsing vulnerability in MessageSet type to prevent out of memory failures and DoS attacks...
SUSE CVE-2025-58143
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...
USN-7707-1 tiff vulnerabilities
It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffmedian tool. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. CVE-2025-8176 It was discovered that LibTIFF did...
SUSE-SU-2025:02684-1 Security update for apache2
This update for apache2 fixes the following issues: - CVE-2024-42516: Fixed HTTP response splitting. bsc1246477 - CVE-2024-43204: Fixed a SSRF when modproxy is loaded that allows an attacker to send outbound proxy requests to a URL controlled by them. bsc1246305 - CVE-2024-47252: Fixed insufficie...
ALSA-2025:12746 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: HID: intel-ish-hid: Fix use-after-free issue ...
SUSE CVE-2025-48074
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...
Suricata < 7.0.11 DoS
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...
CVE-2025-36071 IBM Db2 denial of service
IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release of memory resources...
SUSE-SU-2025:02511-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access bsc1246530 - CVE-2025-53015: Fixed specific XMP file conversion may cause an infinite loop bsc1246531 - CVE-2025-53019: Fixed format specifiers in a filenam...
USN-7643-1 libsoup3, libsoup2.4 vulnerabilities
Jan Różański discovered that libsoup incorrectly handled range headers in an HTTP request. An attacker could possibly use this issue to cause libsoup to consume excessive memory, resulting in a denial of service. CVE-2025-32907 Alon Zahavi discovered that libsoup incorrectly handled memory when...
USN-7637-1: libjxl vulnerabilities
It was discovered that libjxl did not perform proper bounds checking when parsing Exif tags. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service. CVE-2023-0645 It was discovered that libjxl did not perform proper bounds checking when decoding...
Oracle Linux 8 : pam (ELSA-2025-10027)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-10027 advisory. 1.3.1-37.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-37 - pamnamespace: fix potential privilege escalation. Resolves:...