57 matches found
::Engine security vulnerabilities
is::Engine is a game engine developed by Is Daouda personally. Versions of is::Engine prior to 3.3.4 contained security vulnerabilities, which stemmed from the issue of memory being retained after the effective lifetime of objects had ended...
EUVD-2019-15379
Malware in sbrugna...
EUVD-2016-2730
Malware in sbrugna...
EUVD-2018-17874
Malware in sbrugna...
EUVD-2021-7343
Malicious code in bioql PyPI...
CVE-2023-53515
In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vmdev vmdev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vmdev struct with devres totally breaks this...
CVE-2023-53515
CVE-2023-53515 affects the Linux kernel virtio-mmio subsystem. The issue stems from allocating vm_dev with devres, which breaks the vm_dev lifecycle tied to a struct device; when the platform_device is removed, the memory is freed before vm_dev release, causing a use-after-free when the release c...
CVE-2025-38673
CVE-2025-38673 impacts the Linux kernel. The issue arises from the stability of the dma_buf field in struct drm_gem_object across a GEM object’s lifetime, which can become NULL after the final GEM handle is released, leading to a NULL-pointer dereference. Public documents indicate that prior work...
CVE-2025-38672 Revert "drm/gem-dma: Use dma_buf from GEM object instance"
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dmabuf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes...
CVE-2025-24120
This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An attacker may be able to cause unexpected app termination...
CVE-2021-1879
This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...
CVE-2025-24120
This issue was addressed by improved management of object lifetimes. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An attacker may be able to cause unexpected app termination...
PT-2025-5294 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3 Description: This issue is related to improved management of object lifetimes. An attacker may be able to cause unexpected app termination. The issue i...
K91025336: Linux kernel vulnerability CVE-2019-13272
Security Advisory Description In the Linux kernel before 5.1.17, ptracelink in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child...
SUSE CVE-2018-6111
An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a crafted HTML page...
SUSE CVE-2019-5807
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-1879
This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...
CVE-2021-1879
CVE-2021-1879 affects Apple WebKit/WebKit-based parsing in iOS/iPadOS/watchOS (WebKit component). The issue is a cross-site scripting vulnerability triggered by processing malicious web content, potentially leading to universal XSS. Root cause: improved management of object lifetimes in WebKit/CS...
CVE-2021-1879
This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...