1412 matches found
CVE-2022-40111
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware...
CVE-2022-32558
An issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure...
CVE-2021-39515
An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function SampleInterleavedLSScan::ParseMCU located in sampleinterleavedlsscan.cpp. It allows an attacker to cause Denial of Service...
CVE-2020-3661
Buffer overflow will happen while parsing mp4 clip with corrupted sample atoms values which exceeds MAXUINT32 range due to lack of validation checks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2020-3658
Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,...
CVE-2020-3660
Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,...
CVE-2019-17493
Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problemsampleinput parameter to web/admin/problem/create or web/polygon/problem/update...
CVE-2019-17528
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4Processor::ProcessFragments in Core/Ap4Processor.cpp...
CVE-2019-17529
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4Atom::Inspect in Core/Ap4Atom.cpp...
CVE-2011-5238
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
Malicious code in com.meta.xr.sdk.avatars.sample.assets (npm)
Source: ghsa-malware (09a9d5a626622260968ebe26077b57efd3ec56b069d8808fe569f79523a7095a). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2025-37938
In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...
CVE-2025-37938
In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...
UBUNTU-CVE-2025-37938
In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...
FedGraM: Defending against Untargeted Attacks in Federated Learning Via Embedding Gram Matrix
Federated Learning (FL) enables geographically distributed clients to collaboratively train machine learning models by sharing only their local models, ensuring data privacy. However, FL is vulnerable to untargeted attacks that aim to degrade the global model's performance on the underlying data...
PT-2025-25829
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, which was causing a segfault when using PEBS-via-PT with a sample frequency instead of a sample period. The issue occurred because...
gstreamer1-plugins-good: OOB-read in qtdemux_merge_sample_table
A flaw was found in the GStreamer library. When handling raw audio tracks, out-of-bounds reads in the MP4/MOV demuxer's sample table parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
Security update for ffmpeg
This update for ffmpeg fixes the following issues: CVE-2025-22921: Clear array length when freeing it (bsc#1237382). CVE-2025-0518: Fix memory data leak when use sscanf (bsc#1236007). CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate = 0 (bsc#1237371). CVE-2024-12361: Add check f...
SUSE-SU-2025:1450-1 Security update for ffmpeg
This update for ffmpeg fixes the following issues: - CVE-2025-22921: Clear array length when freeing it (bsc#1237382). - CVE-2025-0518: Fix memory data leak when use sscanf (bsc#1236007). - CVE-2025-22919: Check for valid sample rate, to fix the invalid sample rate = 0 (bsc#1237371). - CVE-2024-12361: Add...
Cert-SSB: toward Certified Sample-Specific Backdoor Defense
Deep neural networks (DNNs) are vulnerable to backdoor attacks, where an attacker manipulates a small portion of the training data to implant hidden backdoors into the model. The compromised model behaves normally on clean samples but misclassifies backdoored samples into the attacker-specified...