MAL-2025-36252 Malicious code in test-mlw2-slice-pales (npm)

The package test-mlw2-slice-pales was found to contain malicious code...

MAL-2025-34897 Malicious code in test-mlw2-ashet-salix-stoup-slice (npm)

The package test-mlw2-ashet-salix-stoup-slice was found to contain malicious code...

RUSTSEC-2025-0053 Multiple memory corruption vulnerabilities in safe APIs

The crate has the following vulnerabilities: - The public trait arenavec::common::AllocHandle allows the return of raw pointers through its methods allocate and allocateorextend. However, the trait is not marked as unsafe, meaning users of the crate may implement it under the assumption that the...

SUSE CVE-2025-54801

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704, the application crashes due to an out-of-bounds slice allocation in...

Linux Distros Unpatched Vulnerability : CVE-2019-9810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerabilit...

GO-2025-3845 Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder in github.com/gofiber/fiber

Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder in github.com/gofiber/fiber...

CVE-2025-54801

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704, the application crashes due to an out-of-bounds slice allocation in...

Fiber 安全漏洞

Fiber is an open source web framework written in the Go language by Fiber Open Source. A security vulnerability exists in Fiber 2.52.8 and earlier versions, which stems from an unvalidated slice index range that could result in an integer overflow or memory exhaustion...

CVE-2025-54801 Fiber Susceptible to Crash via `BodyParser` Due to Unvalidated Large Slice Index in Decoder

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704, the application crashes due to an out-of-bounds slice allocation in...

Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder

Description When using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704, the application crashes due to an out-of-bounds slice allocation in the underlying schema decoder. The root cause is that the decoder attempts t...

GHSA-QX2Q-88MX-VHG7 Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder

Description When using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704, the application crashes due to an out-of-bounds slice allocation in the underlying schema decoder. The root cause is that the decoder attempts t...

PT-2025-32500 · Git · Libavc

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=435086517 Crash type: Heap-buffer-overflow READ 1 Crash state: isvcd decode recon tfr nmb base lyr isvcd parse inter slice data cabac isvcd parse pslice...

OSV-2025-584 Heap-buffer-overflow in isvcd_mark_err_slice_skip

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=434978682 Crash type: Heap-buffer-overflow READ 2 Crash state: isvcdmarkerrsliceskip isvcdvideodecode Codec::decodeFrame...

CLSA-2025-1753729945 gstreamer1-plugins-bad-free: Fix of CVE-2025-3887

CVE-2025-3887: fix H265 slice header parsing to validate numlongtermpics and prevent stack overflow...

GPT-SoVITS-WebUI open_slice function command injection vulnerability

GPT-SoVITS-WebUI is a TTS training model. A command injection vulnerability exists in the GPT-SoVITS-WebUI openslice function, which can be exploited by an attacker to execute arbitrary commands on the system...

allyaudio (>=0.1.0 <=0.4.0), ambisonic (>=0.4.0 <=0.4.1) +130 more potentially affected by unknown CVE via slice-ring-buffer (=0.3.4)

slice-ring-buffer CARGO version =0.3.4 is affected by a known vulnerability. The following packages have a transitive dependency on slice-ring-buffer and may be impacted: - allyaudio =0.1.0, =0.4.0, =0.0.9, =0.0.3, =0.0.1, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.0.0, =0.1.0 - bevykiraaudio =0.4.0 and...

aiowrap (=0.1.0), ambisonic (>=0.1.0 <=0.3.1) +157 more potentially affected by unknown CVE via slice-deque (>=0.1.16 <=0.3.0)

slice-deque CARGO version =0.1.16, =0.1.0, =0.8.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.8.0, =0.3.0, =0.3.0, =0.4.0, =0.8.0, =0.15.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-7MCQ-F592-PF7V...

Slice Ring Buffer and Slice Deque contains four unique double-free vulnerabilities triggered through safe APIs

The crate slice-ring-buffer was developed as a fork of slice-deque to continue maintenance and provide security patches, since the latter has been officially unmaintained RUSTSEC-2020-0158. While slice-ring-buffer has addressed some previously reported memory safety issues inherited from its fork...

GHSA-7MCQ-F592-PF7V Slice Ring Buffer and Slice Deque contains four unique double-free vulnerabilities triggered through safe APIs

The crate slice-ring-buffer was developed as a fork of slice-deque to continue maintenance and provide security patches, since the latter has been officially unmaintained RUSTSEC-2020-0158. While slice-ring-buffer has addressed some previously reported memory safety issues inherited from its fork...

PT-2025-30981 · Crates.Io · Slice-Deque +1

The crate slice-ring-buffer was developed as a fork of slice-deque to continue maintenance and provide security patches, since the latter has been officially unmaintained RUSTSEC-2020-0158. While slice-ring-buffer has addressed some previously reported memory safety issues inherited from its fork...