CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xfs: added bounds checking to xlogrecoverprocessdata There is a lack of verification of the space occupied by fixed members of xlogopheader in xlogrecoverprocessdata. We can create a crafted image to trigger an out-of-bounds read...

EulerOS Virtualization 2.13.0 : systemd (EulerOS-SA-2025-2601)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a...

EUVD-2025-16486

Malicious code in bioql PyPI...

EUVD-2024-23243

Malicious code in bioql PyPI...

EUVD-2025-5858

Malicious code in bioql PyPI...

CVE-2022-50354 drm/amdkfd: Fix kfd_process_device_init_vm error handling

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfdprocessdeviceinitvm error handling Should only destroy the ibmem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd-qpd structure, to avoid NULL pointer access in process destr...

Privacy and Confidentiality Requirements Engineering for Process Data

The application and development of process mining techniques face significant challenges due to the lack of publicly available real-life event logs. One reason for companies to abstain from sharing their data are privacy and confidentiality concerns. Privacy concerns refer to personal data as...

UBUNTU-CVE-2024-56666

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Dereference null return value In the function pqmuninit there is a call-assignment of "pdd = kfdgetprocessdevicedata" which could be null, and this value was later dereferenced without checking...

Siemens SIMATIC SCADA and PCS 7 systems Remote Code Execution Vulnerability

SIMATIC Information Server is used to report and visualize process data stored in SIMATIC process Historian, the SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC PCS-neo long-term archiving system. It stores process values, alarms, and batch data from the production plant in its database and provides...

CVE-2023-22308

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

SoftEther VPN Number Error Vulnerability

SoftEther VPN is an open source cross-platform multi-protocol VPN Virtual Private Network application. A numeric error vulnerability exists in SoftEther VPN versions 5.01.9674 and 5.02, which stems from an integer overflow vulnerability in the vpnserver OvsProcessData function that can be exploit...

CVE-2022-29550

An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials from environment variables to disk in cleartext. NOTE: there are no common circumstances in which...

Linux Kernel Bug Opens Door to Wider Cyberattacks

An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices. Specifically, the bug CVE-2020-28588 exists in the /proc/pid/syscall functionality of 32-bit ARM devices running...

JT2Go 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens, Germany.Siemens Jt2go is a JT file viewer. The software is used for lightweight previewing of 3D graphics with 3D zoom, panorama, rotation, scaling and repositioning, accurate 3D measurements, basic 3D profile viewin...

JT2Go 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens, Germany.Siemens Jt2go is a JT file viewer. The software is used for lightweight previewing of 3D graphics with 3D zoom, panorama, rotation, scaling and repositioning, accurate 3D measurements, basic 3D profile viewin...

CVE-2020-0100

In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of data from a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2019-15790

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through getpidinfo in data/apport. An unprivileged user could exploit this to read information about a privileged...

USN-4171-1 apport vulnerabilities

Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. CVE-2019-11481 Sander Bos discovered a race-condition in Apport during core dump creation. This...

CVE-2017-9327

Secret data of processes managed by CM is not secured by file permissions...