CVE-2021-41751

Buffer overflow vulnerability in file ecma-builtin-array-prototype.c:909 in function ecmabuiltinarrayprototypeobjectslice in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021...

CVE-2020-6840

In mruby 2.1.0, there is a use-after-free in hashslice in mrbgems/mruby-hash-ext/src/hash-ext.c...

CVE-2020-29245

dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readAtomData...

CVE-2020-29244

dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readTextWithDescrFrame...

CVE-2019-15543

An issue was discovered in the slice-deque crate before 0.2.0 for Rust. There is memory corruption in certain allocation cases...

CVE-2018-20995

An issue was discovered in the slice-deque crate before 0.1.16 for Rust. moveheadunchecked allows memory corruption because deque updates are mishandled...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow through the parsing of H265 slice headers. An attacker can execute code in the context of the current process by leveraging the lack of proper validation of the length of user-supplied data prior to copying i...

UBUNTU-CVE-2025-3887

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

GStreamer 安全漏洞

GStreamer is a GStreamer open source set of frameworks for processing streaming media. A security vulnerability exists in GStreamer that stems from not properly validating the data length when parsing H265 slice headers, which could lead to remote code execution...

Insufficient Control Flow Management

Vyper is vulnerable to Insufficient Control Flow Management. The vulnerability is due to the Vyper compiler skipping evaluation of the start argument in the slice function when length is 0 and the source is a special location like msg.data or .code, allows an attacker to suppress execution of...

CLSA-2025-1747430870 cups-filters: Fix of 2 CVEs

CVE-2024-47175: prevent PPD generation based on invalid IPP response - CVE-2024-47850: do not generate PPD for remote raw queues and add system-cups.slice...

GHSA-3VCG-J39X-CWFM Vyper's `slice()` may elide side-effects when output length is 0

Impact the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is skipped:...

Vyper's `slice()` may elide side-effects when output length is 0

Impact the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. the reason is that for these source locations, the check that length = 1 is skipped:...

Insufficient Control Flow Management

Overview vyper is a Pythonic Smart Contract Language for the EVM. Affected versions of this package are vulnerable to Insufficient Control Flow Management through the slice function. An attacker can bypass the evaluation of side effects in the start argument when the length argument is set to 0,...

CVE-2025-47774

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. The reason is that for these source locations, the...

CVE-2025-47774

CVE-2025-47774 relates to Vyper (Pythonic language for the EVM). The issue affects Vyper versions up to and including 0.4.2rc1 where slice() can elide side effects when length is 0 for certain source bytestrings (e.g., msg.data or .code). The root cause is that the length >= 1 check is skipped...

CVE-2025-47774 Vyper's `slice()` may elide side-effects when output length is 0

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. The reason is that for these source locations, the...

CVE-2025-47774 Vyper's `slice()` may elide side-effects when output length is 0

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. The reason is that for these source locations, the...

CVE-2025-47774 Vyper's `slice()` may elide side-effects when output length is 0

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. The reason is that for these source locations, the...

Vyper 安全漏洞

Vyper is a Pythonic smart contract language for EVM open sourced by vyperlang. A security vulnerability exists in Vyper 0.4.2rc1 and earlier versions, which stems from a slice function that may skip side-effect evaluation when the output length is zero...