EUVD-2025-18301

Malicious code in bioql PyPI...

A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).

...

SUSE CVE-2025-9230

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

CVE-2025-9230

CVE-2025-9230 describes an out-of-bounds read (and potential write) when decrypting CMS messages encrypted with password-based (PWRI) encryption in OpenSSL. The issue can cause a crash (Denial of Service) or memory corruption with possible code execution, though exploitability is considered low a...

PT-2025-39986

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.1.1zd, and 1.0.2zm. Description: OpenSSL contains vulnerabilities due to out-of-bounds read and write issues. Specifically, an out-of-bounds read and write can occur when...

SUSE CVE-2025-55553

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

CodeQL zero to hero part 5: Debugging queries

When you're first getting started with CodeQL, you may find yourself in a situation where a query doesn't return the results you expect. Debugging these queries can be tricky, because CodeQL is a Prolog-like language with an evaluation model that's quite different from mainstream languages like...

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.

...

Unspecified Vulnerability in PyTorch (CNVD-2025-23279)

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from a syntax error in the component proxytensor.py, which can be exploited by an attacker to cause a denial of service...

CVE-2025-10954

The CVE-2025-10954 entry concerns the Go package github.com/nyaruka/phonenumbers prior to version 1.2.2, where the phonenumbers.Parse() function may panic due to improper validation of input syntax, causing a runtime slice bounds error. Affected component: phonenumbers.Parse() in the library; roo...

DEBIAN-CVE-2025-59362

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...

CVE-2025-59362

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...

CVE-2025-59362

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asnbuildobjid in lib/snmplib/asn1.c...

CVE-2025-55553

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

PYSEC-2025-205

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

PYSEC-2025-205

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

CVE-2025-55553

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

UBUNTU-CVE-2025-55553

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

Improper Validation of Syntactic Correctness of Input

Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the torch.Tensor.random function when a model is compiled with Inductor. An attacker can caus...

CVE-2025-55553

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...