15 matches found
EUVD-2022-51205
Malicious code in bioql PyPI...
CVE-2025-50422
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c...
AZL-66057 CVE-2025-54350 affecting package iperf3 for versions less than 3.17.1-3
In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...
CVE-2022-48509
Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Share. Successful exploitation of this vulnerability may cause the program to exit abnormally...
DEBIAN-CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs. A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
AZL-56379 CVE-2024-45339 affecting package glog 0.3.5-16
When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...
CVE-2024-45339
CVE-2024-45339 affects the Go glog package. The issue arises when logs are written to a widely-writable directory: an unprivileged attacker could predict a privileged process’s log path and pre-create a symlink to a sensitive file, causing the process to overwrite it. The fix is to have glog exit...
glibc: null pointer dereferences after failed netgroup cache insertion
A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...
CVE-2024-26782
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle. When an MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the original one: as a...
CVE-2024-26782
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix double-free on socket dismantle. When an MPTCP server accepts an incoming connection, it clones its listener socket. However, the pointer to 'inet_opt' for the new socket has the same value as the original one: as a...
CVE-2022-48509
CVE-2022-48509 describes a race condition in Huawei Share within Huawei HarmonyOS caused by multi-thread access to mutually exclusive resources. The vulnerability may cause the affected program to exit abnormally if exploited. Based on available sources, the issue is a race condition with impact ...
Huawei HarmonyOS race condition vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from a race condition in Huawei Share due to multi-threaded access to...
The gotcha of unhandled promise rejections
Let's say you wanted to display a bunch of chapters on the page, and for whatever reason, the API only gives you a chapter at a time. You could do this: async function showChapters(chapterURLs) { for (const url of chapterURLs) { const response = await fetch(url); const chapterData = await response.json();...
Buffer Overflow Vulnerability in IEC104
The IEC104 protocol is an international standard widely used in industries such as electric power and urban rail transit. A buffer overflow vulnerability exists in IEC104, which can be exploited by an attacker to trigger a stack buffer overflow and cause a program exit...
Denial of Service Vulnerability in ForceControl V7.2 Product NetServer.exe
ForceControl is the configuration software developed by ForceControl Technology for the general monitoring and control configuration software market. As the basic platform software in industrial automation software, ForceControl can provide solutions for all kinds of industries. A denial of servi...