postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

Astra Linux – Vulnerability in exiv2

An invalid memory address dereferencing was discovered in the Exiv2::DataValue::read method in value.cpp in Exiv2 0.26. This vulnerability causes a segmentation fault and an application crash, resulting in a denial of service...

Astra Linux – Vulnerability in netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent attempts to use realloc on a block that has not been allocated, resulting in an invalid free operation and a segmentation fault...

Astra Linux – Vulnerability in Mariadb 10.3

It has been discovered that MariaDB Server v10.9 and earlier contain a segmentation fault through the component sql/itemcmpfunc.cc...

Astra Linux – Vulnerability in libde265

There is an incorrect access control vulnerability in libde265 v1.0.8 due to a SEGV in slice.cc...

Astra Linux – Vulnerability in binutils

There is a heap-based buffer overflow issue in the function dexpression1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. A crafted input can cause segmentation faults, leading to denial-of-service attacks, as demonstrated by c++filt...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfc: fixed a segfault in nfcgenldumpdevicesdone When kmalloc in nfcgenldumpdevices fails, nfcgenldumpdevicesdone causes a segfault as follows: KASAN: null-ptr-deref in range 0x0000000000000008-0x000000000000000f CPU: 0 PID: 25...

Astra Linux – Vulnerability in cjson

It has been discovered that cJSON v1.7.16 contains a segmentation violation due to the use of the cJSONSetValuestring function in the cJSON.c file...

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

CVE-2025-55663

A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

CVE-2025-55663

GPAC MP4Box v2.4 is affected by a vulnerability in Track_SetStreamDescriptor (isomedia/track.c) where a malformed MP4 file can trigger a segmentation fault, leading to Denial of Service. The issue is caused by a segmentation violation inside Track_SetStreamDescriptor, enabling DoS via crafted inp...

CVE-2025-55663

A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

CVE-2026-4870

IBM Qiskit SDK 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denial of service due to uncontrolled recursion in the parser...

EUVD-2026-36575

IBM Qiskit SDK 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denial of service due to uncontrolled recursion in the parser...

PT-2026-48989

Name of the Vulnerable Software and Affected Versions IBM Qiskit SDK versions 0.43.0 through 2.5.0 Description Uncontrolled recursion in the parser can allow an attacker to trigger a segmentation fault, resulting in a denial of service. A segmentation fault occurs when a program attempts to acces...

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

FreeSWITCH 安全漏洞

FreeSWITCH is a free and open-source communication software developed by Anthony Minessale, an individual developer from the United States. This software can be used to create audio, video, and messaging-related products and applications. Prior to FreeSWITCH version 1.11.1, there were security...

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...

CVE-2025-52293

A segmentation violaton in the gfhevcreadspsbsinternal function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying crafted HEVC SPS data...