Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29395

Malicious code in bioql PyPI...

6.6AI score
Exploits0References4
OSV
OSV
added 2025/06/17 3:37 p.m.1 views

GHSA-9GHP-W2HM-VFPF wasmtime_jit_debug Dumps Undefined Memory by `JitDumpFile`

The unsound function dumpcodeloadrecord uses fromrawparts to directly convert the pointer addr and len into a slice without any validation and that memory block would be dumped. Thus, the 'safe' function dumpcodeloadrecord is actually 'unsafe' since it requires the caller to guarantee that the ad...

6.9CVSS7AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/06/17 3:37 p.m.6 views

wasmtime_jit_debug Dumps Undefined Memory by `JitDumpFile`

The unsound function dumpcodeloadrecord uses fromrawparts to directly convert the pointer addr and len into a slice without any validation and that memory block would be dumped. Thus, the 'safe' function dumpcodeloadrecord is actually 'unsafe' since it requires the caller to guarantee that the ad...

7AI score
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: vp_vdpa: fix id_table array not null terminated error

In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix idtable array not null terminated error Allocate one extra virtiodeviceid as null terminator, otherwise vdpamgmtdevgetclasses may iterate multiple times and visit undefined memory...

5.5CVSS6.8AI score0.00234EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/12/02 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the idtable array in the vpvdpa component not being terminated with a null terminator, causing the...

5.5CVSS6.6AI score0.00234EPSS
Exploits0References5
CNVD
CNVD
added 2016/03/17 12:0 a.m.4 views

minissdpd Free Memory Contents Vulnerability

minissdpd is a set of daemons for managing SSDP on Posix systems. A security vulnerability exists in minissdpd version 1.2.20130907-3, which stems from the program failing to properly handle code. An attacker could exploit the vulnerability to free undefined memory contents...

5.5CVSS6.8AI score0.00316EPSS
Exploits0References1
Prion
Prion
added 2014/05/02 2:55 p.m.19 views

Code injection

The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service undefined memory access and system crash or possibly read system memory via multiple crafted packets,...

7.8CVSS7.4AI score0.12824EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2012/06/12 10:55 p.m.17 views

Remote code execution

Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka "insertAdjacentText Remote Code Execution Vulnerability."...

9.3CVSS8.6AI score0.19579EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder