EUVD-2025-34779

An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\textsize\textt$ an unsigned type, typically...

CVE-2025-62495

An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\textsize\textt$ an unsigned type, typically...

CVE-2025-62495

An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\textsize\textt$ an unsigned type, typically...

BIT-PYTHON-MIN-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...

BIT-PYTHON-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...

BIT-LIBPYTHON-2025-8291 ZIP64 End of Central Directory (EOCD) Locator record offset not checked

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...

ZIP64 End of Central Directory (EOCD) Locator record offset not checked

...

SUSE CVE-2025-39954

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset was left out of the .recalcrate readback function. This causes the clock rate to become bogus or even ze...

EUVD-2025-33329

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset was left out of the .recalcrate readback function. This causes the clock rate to become bogus or even ze...

CVE-2025-39954

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset was left out of the .recalcrate readback function. This causes the clock rate to become bogus or even ze...

CVE-2025-39954

The CVE-2025-39954 issue concerns the Linux kernel (clk: sunxi-ng: mp) where the P divider offset was omitted in the .recalc_rate readback for dual-divider clocks, causing the reported clock rate to be bogus or zero. The COMMITs in the connected sources indicate that the problem arises specifical...

CVE-2025-39954 clk: sunxi-ng: mp: Fix dual-divider clock rate readback

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset was left out of the .recalcrate readback function. This causes the clock rate to become bogus or even ze...

CVE-2025-47349 Use of Out-of-range Pointer Offset in DSP Service

Memory corruption while processing an escape call...

CVE-2025-47349

CVE-2025-47349 describes memory corruption in Qualcomm chipsets when processing an escape call, related to an out-of-range pointer offset in the DSP service. The Red Hat/NVD/CVE records corroborate a memory corruption impact with high severity (local, attacker requires low privileges, no user int...

CVE-2025-47349 Use of Out-of-range Pointer Offset in DSP Service

Memory corruption while processing an escape call...

CVE-2025-27059

CVE-2025-27059 is a memory corruption issue occurring when performing an SCM call in Qualcomm TZ firmware. The CVE entry and multiple connected sources (Red Hat, NVD, CVEList, CNNVD) describe memory corruption triggered during SCM calls, with the CVEList title explicitly noting use of an out-of-r...

CVE-2025-27059 Use of Out-of-range Pointer Offset in TZ Firmware

Memory corruption while performing SCM call...

PT-2025-41365

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A flaw exists in the Linux kernel’s clock subsystem, specifically within the sunxi-ng module related to dual-divider clocks. The issue stems from an incomplete calculation in the clock...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a dual-split clock rate readback that does not include a P-splitter offset, which could result in an incorrect o...

SUSE CVE-2025-8291

The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be abused to create Z...