EUVD-2025-209624

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

PT-2026-36827

An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXParser.cpp, ParseVectorDataArray...

GoBGP 缓冲区错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a buffer error vulnerability. This vulnerability stems from an out-of-bounds read in the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody...

fast-uri 路径遍历漏洞

fast-uri is an open-source, dependency-free RFC 3986 URI parser and toolkit developed by Fastify. Versions of fast-uri 3.1.0 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the normalize and equal functions decoding percent-encoded path separators and dots,...

RHCOS 4 : OpenShift Container Platform 4.13.53 (RHSA-2024:8690)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8690 advisory. - Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library CVE-2024-9341 - buildah: Build...

PT-2026-36924

ITEMS ADDED: Filters Add filter for Atmos PM-5173 Filters Add filter for audio layout PM-5118 Filters Add filters for video, audio, and subtitle codecs PM-5117 Metadata Add support for RottenTomatoes audience and average ratings to Nfo parser PM-5176 Metadata Detect Dolby Atmos PM-4004 Metadata...

PT-2026-37163

Name of the Vulnerable Software and Affected Versions changedetection.io versions 0.54.9 and earlier Description The software contains an XML External Entity XXE issue where the xpath filter function switches to XML mode for XML/RSS content and creates an etree.XMLParserstrip cdata=False without...

RHCOS 4 / 9 : OpenShift Container Platform 4.17.2 (RHSA-2024:8232)

The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8232 advisory. - github.com/jaraco/zipp: Denial of Service infinite loop via crafted zip file in jaraco/zipp CVE-2024-5569 - go/parser: golang:...

RHCOS 4 : OpenShift Container Platform 4.16.18 (RHSA-2024:8263)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8263 advisory. - Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library CVE-2024-9341 - go/parser:...

Astra Linux - уязвимость в linux

A use-after-free flaw was discovered in cgroup1parseparam in kernel/cgroup/cgroup-v1.c within the Linux kernel’s cgroup v1 parser. A local attacker with user privileges could exploit the fsconfig syscall parameter to escalate privileges, resulting in a container breakout and a denial of service o...

Astra Linux - уязвимость в bind9

The DNS message parsing code in named includes a section whose computational complexity is excessively high. This does not cause problems for typical DNS traffic, but crafted queries and responses may lead to excessive CPU load on the affected named instance by exploiting this flaw. This issue...

Astra Linux - уязвимость в ruby-rack

Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforced its paramslimit only for parameters separated by &, while still splitting on both & and ;. As a result, attackers could use ; separators to bypass the parameter count limit and submit more parameters...

Astra Linux - уязвимость в cgal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...

Astra Linux - уязвимость в cgal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

Astra Linux - уязвимость в cgal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could result in code execution. An attacker can provide malicious input to trigger...

Astra Linux - уязвимость в golang-golang-x-net, containerd-app

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to a Denial-of-Service DoS attack if an attacker provides specially crafted HTML content...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd: Fixed an out-of-bounds error in the BIOS parser. The array size is hardcoded to 8 in atomfirmware.h, but sometimes the firmware uses a larger array size. Deferencing the larger array causes an out-of-bounds error. The...

Astra Linux - уязвимость в firefox

Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

Astra Linux - уязвимость в libtasn1-6

GNU Libtasn1-4.13 libtasn1-4.13 version. libtasn1-4.13 contains a DoS vulnerability. Specifically, CPU usage will reach 100% when running asn1Paser against the POC due to a problem in asn1expandobjectidptree. After some time, the program will terminate. This vulnerability seems to be exploitable ...

Astra Linux - уязвимость в python2.7, python3.11, python3.7

The html.parser.HTMLParser class has worst-case quadratic complexity when processing certain malformed inputs, which could potentially lead to a heightened denial-of-service attack...