22 matches found
CVE-2026-33753 Improper Certificate Validation in rfc3161-client
rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority (TSA). By exploiting a logic flaw i...
PT-2026-31325
Name of the Vulnerable Software and Affected Versions: rfc3161-client versions prior to 1.0.6. Description: An authorization bypass issue exists in rfc3161-client's signature verification. An attacker can impersonate a trusted TimeStamping Authority (TSA) by exploiting a flaw in how the library extrac...
HSEC-2023-0001 Hash flooding vulnerability in aeson
aeson was vulnerable to hash flooding (a.k.a. hash DoS). The issue is a consequence of the HashMap implementation from unordered-containers. It results in a denial of service through CPU consumption. This technique has been used in real-world attacks against a...
Astra Linux - vulnerability in linux-6.12
In the Linux kernel, the following vulnerability has been resolved: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list. Syzkaller triggers a warning due to prev_epc->pmu != next_epc->pmu in perf_event_swap_task_ctx_data(). vmcore shows that two lists have the same perf_event_pmu_context, bu...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a PMU list ordering issue resulting in a warning about an unordered pmu_ctx_list...
Linux Distros Unpatched Vulnerability : CVE-2022-3433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the pinmux driver accessing desc-pinmux data in an unordered manner, which could lead to a NULL pointer...
CLSA-2024-1730479989 Fix CVE(s): CVE-2023-7347, CVE-2024-7347
SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347...
CLSA-2024-1730478623 Fix CVE(s): CVE-2023-7347, CVE-2024-7347
SECURITY UPDATE: mp4 module allows buffer underread and unordered chunks - debian/patches/CVE-2024-7347.patch: fix buffer underread while updating stsz atom and reject unordered chunks - CVE-2023-7347...
ROS-20240815-12
The JSON aeson analysis and encoding library vulnerability is related to the creation of a hash collision in the unordered-containers base library by sending specially crafted JSON data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
CVE-2022-3433
The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...
DEBIAN-CVE-2022-3433
The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...
UBUNTU-CVE-2022-3433
The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying unordered-containers library by sending specially crafted JSON data, resulting in a denial of service...
PT-2022-7465
Name of the Vulnerable Software and Affected Versions: aeson (affected versions not specified). Description: The aeson library is not safe for consuming untrusted JSON input. A remote user could exploit this issue to produce a hash collision in the underlying unordered-containers library by sending...
GHSA-7MG7-M5C3-3HQJ Data races in unicycle
Affected versions of this crate unconditionally implemented Send & Sync for types PinSlab & Unordered. This allows sending non-Send types to other threads and concurrently accessing non-Sync types from multiple threads. This can result in a data race & memory corruption when types that provide...
GHSA-686F-CH3R-XWMH Data races in unicycle
Affected versions of this crate unconditionally implemented Send & Sync for types PinSlab & Unordered. This allows sending non-Send types to other threads and concurrently accessing non-Sync types from multiple threads. This can result in a data race & memory corruption when types that provide...
PYSEC-2021-569
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in tf.raw_ops.RaggedTensorToSparse. The implementation has an incomplete validation of the splits values: it does not check...
CVE-2020-36436
An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab and Unordered do not have bounds on their Send and Sync traits...
RUSTSEC-2020-0116 PinSlab<T> and Unordered<T, S> need bounds on their Send/Sync traits
Affected versions of this crate unconditionally implemented Send & Sync for types PinSlab & Unordered. This allows sending non-Send types to other threads and concurrently accessing non-Sync types from multiple threads. This can result in a data race & memory corruption when types that provide...
PinSlab<T> and Unordered<T, S> need bounds on their Send/Sync traits
Affected versions of this crate unconditionally implemented Send & Sync for types PinSlab & Unordered. This allows sending non-Send types to other threads and concurrently accessing non-Sync types from multiple threads. This can result in a data race & memory corruption when types that provide...