18 matches found
GHSA-QQFJ-4VCM-26HV Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in a uncaught segfault due to loading from unmapped guard pages. With guard pages...
NiceGUI 安全漏洞
NiceGUI is an easy-to-use, Python-based UI framework developed under the NiceGUI open source project. Versions of NiceGUI prior to 3.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the media routing functions in app.addmediafile and app.addmediafiles, which allowed...
PT-2026-26484
Name of the Vulnerable Software and Affected Versions NiceGUI versions prior to 3.9.0 Description NiceGUI’s app.add media file and app.add media files functions are susceptible to a flaw where a user-controlled query parameter, passed to the range-response implementation without validation, can...
GHSA-VC8C-J3XM-XJ73 Wasmtime segfault or unused out-of-sandbox load with f64.copysign operator on x86-64
On x86-64 platforms with AVX Wasmtime's compilation of the f64.copysign WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in a uncaught segfault due to loading from unmapped guard pages. With guard pages disabled...
CVE-2025-54470
Summary: CVE-2025-54470 affects NeuVector telemetry sender when the “Report anonymous cluster data” option is enabled. The root cause is failure to verify the telemetry server’s TLS certificate and hostname, enabling MITM attacks, and unbounded in-memory loading of the server response, enabling p...
AVX-Based Timing Side Channel — ASLR Detection
This work demonstrates a technique for detecting ASLR using AVX memory load instructions combined with RDTSCP timing and SIGSEGV detection. It illustrates how side-channel timing measurements can be applied to analyze memory layout randomization...
(Pwn2Own) NVIDIA Triton Inference Server LoadFromSharedMemory Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NVIDIA Triton Inference Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LoadFromSharedMemory function. The issue results from the lac...
UBUNTU-CVE-2025-22869
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
CVE-2023-29732
SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedPreference file, these data will be loaded into the memory when the application is opened. Dependi...
Denial Of Service (DoS)
github.com/notaryproject/notation-go is vulnerable to Denial of Service DoS attacks. A malicious user is able to exhaust memory through the signature verification component, either resulting in high memory load or an application crash...
Memory Utilization settings applied via WEM are not working
The customer was running WEM version 1811 and upgraded to version 2103 They had memory and CPU utilization settings applied via WEM that were working fine They noticed after the upgrade that memory load in the VDAs started spiking above 80% even though they have set memory optimization rules via...
Apache PDFBox 安全漏洞
Apache PDFBox is the United States Apache Apache Foundation of a Java-based open source language tool library . The product provides PDF document creation and editing and other functions. Apache PDFBox has a security vulnerability that stems from the fact that a carefully crafted PDF file can...
Valve: Malformed save files (.sav) allow to write files with arbitrary extensions and content in GoldSrc-based games.
The structure of the save file implies unpacking of temporary files with extensions .HL1, .HL2 and .HL3. In the code of command 'load', there is a check for invalid substrings, such as .., so unpacking the files into the top directories will not work. Also, it seems, there is a code for checking...
node. js remote memory disclosure vulnerability-vulnerability warning-the black bar safety net
Recently, in allows users to simply send a ping data frame to the allocated memory of the ws module found in the presence of the vulnerability. The vulnerability will reject a user request to send data, allowing users to send a ping data frame function failure, prior to that, it will also increas...
UBUNTU-CVE-2014-7840
The hostfromstreamoffset function in archinit.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted 1 offset or 2 length value in savevm data...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6.2 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
CentOS Update for kernel CESA-2009:1193 centos5 i386
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2009:1193 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...