EUVD-2020-18316

Malware in sbrugna...

EUVD-2021-26800

Malware in sbrugna...

EUVD-2022-49131

Malicious code in bioql PyPI...

CVE-2025-0009

CVE-2025-0009 describes a NULL pointer dereference in AMD Crash Defender that could allow a local attacker to write a NULL output to a log file, potentially causing a system crash and loss of availability. Affected: AMD Crash Defender (AMD Graphics vulnerabilities). Root cause: NULL pointer deref...

CVE-2025-54610

Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2022-27668

Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC...

golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents

A flaw was found in Go, where it attempts to allocate excessive memory. This issue may cause panic or unrecoverable fatal error if passed inputs with very large exponents. The highest threat from this vulnerability is to system availability...

Huawei HarmonyOS and EMUI Cracking Vulnerabilities

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to a cracking...

PrestaShop SQL注入漏洞

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. A SQL injection vulnerability exists in PrestaShop/paypal versions 3.12.0 through 3.16.3. An attacker could...

CVE-2023-25617

SAP Business Object Adaptive Job Server - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom application based on the...

SUSE CVE-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

CVE-2022-46314

The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-38996

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31753

The voice wakeup module has a vulnerability of using externally-controlled format strings. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability...

rpm: missing length checks in hdrblobInit()

A flaw was found in RPM’s hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...

nettle: Out of bounds memory access in signature verification

A flaw was found in Nettle, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve Cryptography point ECC multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an...

CVE-2021-20190

A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

MGASA-2020-0464 Updated openjpeg2 packages fix security vulnerabilities

A heap-buffer overwrites error was discovered in lib/openjp2/mqc.c in OpenJPEG 2.3.1. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution CVE-2020-27814. A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker ...

nodejs-lodash: prototype pollution in zipObjectDeep function

A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability...