136 matches found
EUVD-2025-25550
Malicious code in bioql PyPI...
Examining I2P Resilience: Effect of Centrality-Based Attack
This study examines the robustness of I2P, a well-regarded anonymous and decentralized peer-to-peer network designed to ensure anonymity, confidentiality, and circumvention of censorship. Unlike its more widely researched counterpart, TOR, I2P's resilience has received less scholarly attention...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a missing path length check in the auditcomparednamepath function, which could lead to an out-of-bounds read...
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.
...
CVE-2025-7039
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...
UBUNTU-CVE-2025-7039
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...
CVE-2025-7039 Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file()
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...
SUSE CVE-2025-7039
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...
CVE-2025-9809
Out-of-bounds write in cdfsopencuetrack in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATHMAXLENGTH that is copied using memcpy into a fixed-size buffer...
CVE-2025-9809
Out-of-bounds write in cdfsopencuetrack in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATHMAXLENGTH that is copied using memcpy into a fixed-size buffer...
CVE-2025-9809
Out-of-bounds write in cdfsopencuetrack in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATHMAXLENGTH that is copied using memcpy into a fixed-size buffer...
CVE-2025-9809
Out-of-bounds write in cdfsopencuetrack in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via a crafted .cue file with a file path exceeding PATHMAXLENGTH that is copied using memcpy into a fixed-size buffer...
PT-2025-35505
Name of the Vulnerable Software and Affected Versions libretro libretro-common affected versions not specified Description An out-of-bounds write issue exists in the cdfs open cue track function. This allows remote attackers to execute arbitrary code via a crafted .cue file. The issue occurs when...
SUSE CVE-2025-38652
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...
DEBIAN-CVE-2025-38652
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...
AZL-66596 CVE-2025-38652 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...
UBUNTU-CVE-2025-38652
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...
CVE-2025-38652 f2fs: fix to avoid out-of-boundary access in devs.path
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...
CVE-2025-38652
CVE-2025-38652: In the Linux kernel, a f2fs path handling bug can cause out-of-bounds access when constructing devs.path for a device, due to sbi->devs.path[] not leaving space for the trailing null terminator. Root cause: device path storage (path[MAX_PATH_LEN]) can be fully filled, causing p...
CVE-2025-38652
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - touc...