Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unvalidated extension header type index. This vulnerability may lead to out-of-bound reads and...

Memory Allocation with Excessive Size Value

Overview github.com/gofiber/fiber/v2 is an Express inspired web framework written in Go. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the BodyParser function, which allocates a slice of length idx+1 without validating. An attacker can cause t...

Memory Allocation with Excessive Size Value

Overview github.com/gofiber/fiber is an Express inspired web framework written in Go. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the BodyParser function, which allocates a slice of length idx+1 without validating. An attacker can cause the...

CVE-2025-54801 Fiber Susceptible to Crash via `BodyParser` Due to Unvalidated Large Slice Index in Decoder

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index e.g., test.18446744073704, the application crashes due to an out-of-bounds slice allocation in...

RUSTSEC-2025-0005 Out of bounds write triggered by crafted coverage data

Function grcov::covdir::getcoverage uses the unsafe function getuncheckedmut without validating that the index is in bounds. This results in memory corruption, and could potentially allow arbitrary code execution provided that an attacker can feed the tool crafted coverage data...

SUSE CVE-2018-7208

In the coffpointerizeaux function in coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafte...

DEBIAN-CVE-2020-29443

ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...

Nvidia vGPU manager 输入验证错误漏洞

Nvidia vGPU manager is a management software from Nvidia, USA for providing GPU capabilities to virtual machines. The software supports multiple virtual machines to access the host's GPU, providing graphics performance and application compatibility for virtual machines. An input validation error...

LibreOffice Denial of Service Vulnerability (CNVD-2018-09031)

LibreOffice is a free and open source office software suite developed by The Document Foundation TDF. The suite consists of Writer text documents, Calc spreadsheets and Impress presentations and other applications. A security vulnerability exists in the 'SwCTBWrapper::Read' function in the...

GNU Binutils Denial of Service Vulnerability (CNVD-2018-05207)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.30. The vulnerability arises because the coffpointerizeaux function in coffgen.c in the...

openSUSE Security Update : libX11 (openSUSE-SU-2013:1047-1)

This update of libX11 fixes several security issues. - U0001-integer-overflow-in-XQueryFont-on-32-bit-platfor ms-.patch, U0002-integer-overflow-in-XF86BigfontQueryFont-CVE-201 3-1.patch, U0003-integer-overflow-in-XListFontsWithInfo-CVE-2013-1 981.patch,...