Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets, which arises from a memory corruption that occurs when processing the TESTPATTERNCONFIG escape path...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing camera TPG write requests...

SUSE CVE-2025-38226

In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN: vmalloc-out-of-bounds in...

UBUNTU-CVE-2025-38226

In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN: vmalloc-out-of-bounds in...

ETrace:Event-Driven Vulnerability Detection in Smart Contracts Via LLM-Based Trace Analysis

With the advance application of blockchain technology in various fields, ensuring the security and stability of smart contracts has emerged as a critical challenge. Current security analysis methodologies in vulnerability detection can be categorized into static analysis and dynamic analysis...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS via the scopedpadder function in patternformatter-inl.h. An attacker can cause excessive resource usage by manipulating input processed by this function. Details Denial of Service DoS describes a family of attacks,...

CVE-2025-6140

spdlog up to 1.15.1 contains a vulnerability in the function scoped_padder (pattern_formatter-inl.h) that enables resource consumption on the local host. The issue is disclosed publicly, with upgrade to 1.15.2 addressing it (patch identifier 10320184df1eb4638e253a34b1eb44ce78954094). Affected com...

Mitigating Data Poisoning Attacks to Local Differential Privacy

The distributed nature of local differential privacy LDP invites data poisoning attacks and poses unforeseen threats to the underlying LDP-supported applications. In this paper, we propose a comprehensive mitigation framework for popular frequency estimation, which contains a suite of novel...

Security update for systemd

This update for systemd fixes the following issues: coredump: use %d in kernel core pattern CVE-2025-4598 Revert "macro: terminate the temporary VAARGSFOREACH array with a sentinel" SUSE specific umount: do not move busy network mounts bsc1236177 man/pstore.conf: pstore.conf template is not alway...

SUSE-SU-2025:20416-1 Security update for systemd

This update for systemd fixes the following issues: - coredump: use %d in kernel core pattern CVE-2025-4598 - Revert "macro: terminate the temporary VAARGSFOREACH array with a sentinel" SUSE specific - umount: do not move busy network mounts bsc1236177 - man/pstore.conf: pstore.conf template is n...

SUSE-SU-2025:20405-1 Security update for systemd

This update for systemd fixes the following issues: - coredump: use %d in kernel core pattern CVE-2025-4598 - Revert "macro: terminate the temporary VAARGSFOREACH array with a sentinel" SUSE specific - umount: do not move busy network mounts bsc1236177 - man/pstore.conf: pstore.conf template is n...

Security update for systemd

This update for systemd fixes the following issues: coredump: use %d in kernel core pattern CVE-2025-4598 Revert "macro: terminate the temporary VAARGSFOREACH array with a sentinel" SUSE specific umount: do not move busy network mounts bsc1236177 man/pstore.conf: pstore.conf template is not alway...

Security update for transfig

This update for transfig fixes the following issues: Update to fig2dev version 3.2.9a CVE-2025-31162: Fixed a floating point exception in fig2dev in getslope function bsc1240380. CVE-2025-31163: Fixed a segmentation fault in fig2dev in putpatternarc function bsc1240381. CVE-2025-31164: Fixed a he...

vuejs Vue CLI 安全漏洞

vuejs Vue CLI is a webpack-based Vue.js development tool open-sourced by Vue. A security vulnerability exists in vuejs Vue CLI version 5.0.8 and earlier, which stems from an inefficient regular expression complexity in the function HtmlPwaPlugin...

CVE-2024-53017

Memory corruption while handling test pattern generator IOCTL command...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a possible memory corruption when processing the Test Pattern Generator IOCTL command...

Improper Input Validation

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Improper Input Validation in the pattern and type fields. An attacker can cause a crash of the inference worker by sending inputs containing...

vLLM 输入验证错误漏洞

vLLM is a high throughput and memory efficient inference and service engine for LLM from the vLLM open source. An input validation error vulnerability exists in vLLM versions prior to 0.8.0 through 0.9.0, which stems from accidental or malformed inputs in the pattern and type fields that are not...

systemd security update

239-82.0.4.5 - coredump: use %d in kernel core pattern - CVE-2025-4598...

systemd security update

252-51.0.2 - coredump: use %d in kernel core pattern - CVE-2025-4598...