Astra Linux - уязвимость в qemu

In QEMU 5.0.0, the file hw/net/e1000ecore.c contains an infinite loop that occurs due to a NULL buffer address in the RX descriptor...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed the issue where NULL sndbufdesc was used in smccdctxhandler. When performing a stress test on SMC-R using the rmmod mlx5ib driver during the wrk/nginx test, we found that there is a possibility of triggering a pani...

CVE-2026-4359 Heap-buffer-over-read in _mongoc_http_send via strstr on non-null-terminated buffer

A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver...

EUVD-2025-201862

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix oops in xegemfault when running corehotunplug test. I saw an oops in xegemfault when running the xe-fast-feedback testlist against the realtime kernel without debug options enabled. The panic happens after corehotunpl...

EUVD-2020-21307

Malware in sbrugna...

EUVD-2006-6479

Malware in sbrugna...

EUVD-2023-37278

Malicious code in bioql PyPI...

CVE-2021-29581

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.CTCBeamSearchDecoder, an attacker can trigger denial of service via segmentation faults. The...

CVE-2022-21546 scsi: target: Fix WRITE_SAME No Data Buffer crash

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like "sgwritesame --ndob" we...

OESA-2024-1993 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Only free buffer VA that is not NULL In the MediaTek vcodec driver, while mtkvcodecmemfree is mostly called only when the buffer to free...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the media:mediatek:vcodec module in mtkvcodecmemfree, which sometimes fails to check if a buffer is NULL,...

BIT-TENSORFLOW-2021-29592 Null pointer dereference in TFLite's `Reshape` operator

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

CVE-2023-51394 Potential DoS for EFR32xxx parts in high traffic environments due to null buffer dereference / crash

High traffic environments may result in NULL Pointer Dereference vulnerability in Silicon Labs's Ember ZNet SDK before v7.4.0, causing a system crash...

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN vdev...

PT-2023-24180 · Qualcomm · 315 5G Iot Modem Firmware +205

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a Transient Denial of Service DOS that occurs when processing a NULL buffer while parsing WLAN vdev. No information is provided...

SUSE CVE-2021-29592

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

QEMU: e1000e: infinite loop scenario in case of null packet descriptor

An infinite loop flaw was found in the e1000e device emulator in QEMU. This issue could occur while receiving packets via the e1000ewritepackettoguest routine, if the receiveRX descriptor has a NULL buffer address. This flaw allows a privileged guest user to cause a denial of service. The highest...

CVE-2021-29592

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

CVE-2021-29592

TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209https://vulners.com/cve/CVE-2020-15209 missed the case when the target shape of Reshape operator is given by the elements of a 1-D tensor. As such, the fix for the...

CVE-2021-29581

TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in tf.rawops.CTCBeamSearchDecoder, an attacker can trigger denial of service via segmentation faults. The...