57 matches found
CVE-2022-42716
An issue was discovered in the Arm Mali GPU Kernel Driver. There is a use-after-free. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Valhall r29p0 through r40P0...
EUVD-2021-22777
Malware in sbrugna...
EUVD-2021-31847
Malicious code in bioql PyPI...
EUVD-2025-14837
Malicious code in bioql PyPI...
EUVD-2022-49501
Malicious code in bioql PyPI...
EUVD-2023-46433
Malicious code in bioql PyPI...
CVE-2025-47917
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtlsx509stringtonames takes a head argument that is documented as an output argument. The documentation does not suggest that the function...
CVE-2025-47917
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtlsx509stringtonames takes a head argument that is documented as an output argument. The documentation does not suggest that the function...
PT-2025-25850
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the allocation of percpu counters for module tags. When a module is unloaded, it checks if any of its tags are still in...
[ASA-202505-4] webkit2gtk-4.1: arbitrary code execution
Arch Linux Security Advisory ASA-202505-4 ========================================= Severity: High Date : 2025-05-18 CVE-ID : CVE-2023-42875 CVE-2023-42970 Package : webkit2gtk-4.1 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2868 Summary ======= The...
CVE-2025-37849
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. Note only does this leak...
CVE-2025-0072 Mali GPU Kernel Driver allows improper GPU memory processing operations
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Drive...
CVE-2022-49770 ceph: avoid putting the realm twice when decoding snaps fails
In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'firstrealm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and could cause random...
CVE-2025-24252
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory...
CVE-2025-32911 Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value
A use-after-free type vulnerability was found in libsoup, in the soupmessageheadersgetcontentdisposition function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...
CVE-2025-32911
A concrete vulnerability exists in libsoup: a use-after-free in soup_message_headers_get_content_disposition() can lead to memory corruption in the Libsoup server/client when handling Content-Disposition parameters. Connected advisories confirm multiple related flaws in libsoup (including this CV...
CVE-2022-49489
In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpuvbifinitmemtypes+0x40/0xb8...
CVE-2025-21671 zram: fix potential UAF of zram table
In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zrammetaalloc failed early, it frees allocated zram-table without setting it NULL. Which will potentially cause zrammetafree to access the table if user reset an failed and uninitialized...
CVE-2024-47834
A flaw was found in the GStreamer library. A use-after-free in the Matroska demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2832)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : media: dvbdev: Fix memory leak in dvbmediadevicefreeCVE-2020-36777 Drivers: hv: vmbus: Use after free in vmbusopenCVE-2021-47049 KVM: PPC: Fix...