12704 matches found
JLSEC-2026-427 When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in...
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
CVE-2026-5654
A flaw was found in Wireshark. This vulnerability allows a remote attacker to cause the application to crash by exploiting an issue within the AMR-NB codec. Successful exploitation leads to a denial of service, which prevents Wireshark from functioning and analyzing network traffic. Mitigation To...
CVE-2025-70072
Summary of CVE-2025-70072 (Assimp 6.0.2) : A denial-of-service vulnerability arises in the FBXConverter.cpp, specifically in FBXConverter::ConvertMeshMultiMaterial(). The issue is triggered remotely and impacts the application’s ability to process certain mesh materials, as described in the conne...
Assimp 资源管理错误漏洞
Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Version 6.0.2 of Assimp contains a resource management vulnerability. This vulnerability originates from the ConvertMeshMultiMaterial method in FBXConverter.cpp, and it could all...
CVE-2025-70072
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial components...
CVE-2025-70072
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial components...
EUVD-2025-209622
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial components...
PT-2026-36995
Name of the Vulnerable Software and Affected Versions lxc versions prior to 7.0.0 Description A logic flaw in the find line function of the lxc-user-nic setuid helper allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When scanning the NIC database to...
FunFuzz: An LLM-Powered Evolutionary Fuzzing Framework
Modern fuzzers increasingly use Large Language Models LLMs to generate structured inputs, but LLM-driven fuzzing is sensitive to prompt initialization and sampling variance, which can reduce exploration efficiency and lead to redundant inputs. We present FunFuzz, a multi-island evolutionary fuzzi...
Revisiting JBShield: Breaking and Rebuilding Representation-Level Jailbreak Defenses
Defending large language models LLMs against jailbreak attacks, such as Greedy Coordinate Gradient GCG, remains a challenge, particularly under adaptive threat models where an attacker directly targets the defense mechanism. JBShield, a recent jailbreak defense with a 0% attack success rate in so...
CVE-2025-70072
An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp, FBXConverter::ConvertMeshMultiMaterial components...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: The issue of tag leaks during the shrink nrhwqueues operation has been fixed. Although we don’t need to reallocate the set-tags array when performing shrink nrhwqueues, we still need to free those tags. Otherwise, these...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Net: Bridge – Fix for use-after-free due to bypassing the port’s state 1 Syzbot reported a use-after-free when deleting an expired fdb. This issue arises due to a race condition between the ongoing learning process and the deleti...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: XArray: Fixed the issue with xascreaterange when a multi-index entry is present. If there is already an entry present that is of order = XACHUNKSHIFT when we call xascreaterange, xascreaterange will misinterpret that entry as a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: fixed the Rx page leak in multi-buffer frames. The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed the NULL dereference on q-elevator in blkmqelvswitchnone. After acquiring the q-sysfslock, q-elevator may become NULL due to the elevator switch. Fixed the NULL dereference on q-elevator by checking it with a lock...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: AppArmor: A memory leak has been fixed in multitransactionnew. In multitransactionnew, the variable t is not freed or passed away after a failure in the copyfromusert-data, buf, size operation. This could lead to a memory leak...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a memory leak in blkmqinitallocatedqueue. There is a memory leak caused by modprobe nullblk.ko. Unreferenced object 0xffff8881acb1f000 size 1024: - Command: “modprobe”, PID: 836, Jiffies: 4294971190 Age: 27.068...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Added multi-thread support for DMA channels. When a DMA channel is obtained and tried to be used across multiple threads, it can lead to errors and cause the system to hang. bash % echo 100...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a possible memory leak when registering the ‘hctx’ structure failed. There is one issue that arises during fault injection tests: An unreferenced object with a size of 512 bytes: bash comm "insmod", pid 308021,...