[SECURITY] Fedora 43 Update: rust-astral_async_zip-0.0.18~rc4-2.fc43

An asynchronous ZIP archive reading/writing crate...

CVE-2026-31965

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cramdecodeslice function called while reading CRAM records, validation of the reference id field occurred too late, allowing two out of bounds read...

AudioFile 缓冲区错误漏洞

AudioFile is a simple header-only C++ library from Adam Stark's personal developer in the UK. It is used to read and write audio files. A security vulnerability exists in AudioFile, which stems from a heap buffer overflow contained in the function fouBytesToInt:AudioFile.h. The vulnerability is...

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

Authentication flaw

A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing...

CVE-2018-13821

A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing...

CVE-2018-13821

A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing...

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution RCE attacks. The attack exists due to a detached buffer bug that causes arbitrary memory reading and writing that can cause arbitrary code to be executed. This CVE is unique from CVE-2018-8286, CVE-2018-8290, CVE-2018-8294...