33 matches found
CVE-2026-34548
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...
EUVD-2008-4047
Malware in sbrugna...
EUVD-2024-0177
Malicious code in bioql PyPI...
EUVD-2022-36122
Malicious code in bioql PyPI...
CBL Mariner 2.0 Security Update: libsndfile (CVE-2022-33065)
The version of libsndfile installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-33065 advisory. - Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and...
ALSA-2024:3214 Moderate: gmp security update
The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fixes: gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 For more details about the security issues...
SUSE CVE-2024-26849
In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nlavalidaterangeunsigned lib/nlattr.c:222 inline BUG: KMSAN: uninit-value in nlavalidateintrange lib/nlattr.c:336 inline BUG: KMSAN: uninit-value in...
Moderate: Red Hat Security Advisory: gmp security update
An update for gmp is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
PYSEC-2024-150
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of...
Design/Logic Flaw
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of...
CVE-2024-24563 Vyper array negative index vulnerability
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of...
EulerOS 2.0 SP10 : libsndfile (EulerOS-SA-2024-1087)
According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in...
EulerOS 2.0 SP9 : libsndfile (EulerOS-SA-2023-3338)
According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in...
Amazon Linux 2 : libsndfile (ALAS-2024-2404)
The version of libsndfile installed on the remote host is prior to 1.0.25-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2404 advisory. Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in...
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2024-1063)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Low: Red Hat Security Advisory: gmp security and enhancement update
An update for gmp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...
Low: gmp security and enhancement update
The gmp packages contain GNU MP, a library for arbitrary precision arithmetics, signed integers operations, rational numbers, and floating point numbers. Security Fixes: gmp: Integer overflow and resultant buffer overflow via crafted input CVE-2021-43618 For more details about the security issues...
Buffer overflow
Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...
SUSE CVE-2017-8419
LAME through 3.99.5 relies on the signed integer data type for values in a WAV or AIFF header, which allows remote attackers to cause a denial of service stack-based buffer overflow or heap-based buffer overflow or possibly have unspecified other impact via a crafted file, as demonstrated by...
SUSE CVE-2017-9106
An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...