1270 matches found

BDU FSTEC
added 2025/06/23 12:00 a.m. · 3 views

The vulnerability of the bch2_sb_clean_validate_late() function in the fs/bcachefs/sb-clean.c module of the bcachefs file system support in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bch2_sb_clean_validate_late function in the fs/bcachefs/sb-clean.c module of the bcachefs file system support module in the Linux operating system is related to uncontrolled resource consumption. Exploiting this vulnerability could allow an attacker to compromise the...

CVSS 8.4 · AI score 5.9 · EPSS 0.0023
Exploits: 0 · References: 5 · Affected Software: 1
BDU FSTEC
added 2025/06/19 12:00 a.m. · 5 views

The vulnerability of the bearer_name_validate() function in the net/tipc/bearer.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bearer_name_validate function in the net/tipc/bearer.c module of the Linux kernel lies in the copying of buffers without checking the size of the input data (a classic buffer overflow). Exploiting this vulnerability could allow an attacker to compromise the...

CVSS 7.8 · AI score 7.5
Exploits: 0 · References: 26 · Affected Software: 4
OSV
added 2025/06/17 12:00 a.m. · 0 views

UBUNTU-CVE-2025-49177

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests...

CVSS 6.1 · AI score 7 · EPSS 0.00364
Exploits: 0 · References: 3
Packet Storm News
added 2025/05/30 12:00 a.m. · 6 views

Keeping an Eye on LLM Unlearning: the Hidden Risk and Remedy

Although Large Language Models (LLMs) have demonstrated impressive capabilities across a wide range of tasks, growing concerns have emerged over the misuse of sensitive, copyrighted, or harmful data during training. To address these concerns, unlearning techniques have been developed to remove the...

AI score 7
Exploits: 0
Snyk
added 2025/05/26 7:48 p.m. · 1 view

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read due to the HL1MDLLoader::validateheader function, which doesn't check the file size before trying to access the buffer/header. An attacker can read data outside the intended buffer boundaries by manipulating the input...

CVSS 7.8 · AI score 6.8 · EPSS 0.00221
Exploits: 1 · References: 2
Snyk
added 2025/05/26 9:30 a.m. · 1 view

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read through the ValidateSurfaceHeader function. An attacker can read data outside the intended buffer boundaries by manipulating the pcSurface2 argument. This is only exploitable if the attacker has local access to the...

CVSS 5.5 · AI score 5 · EPSS 0.0021
Exploits: 1 · References: 2
OSV
added 2025/05/26 3:15 a.m. · 1 view

DEBIAN-CVE-2025-5165

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSurface2 leads to out-of-bounds read...

CVSS 5.5 · AI score 3.9 · EPSS 0.0021
Exploits: 1 · References: 1
OSV
added 2025/05/26 3:15 a.m. · 6 views

PYSEC-2025-172

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSurface2 leads to out-of-bounds read...

CVSS 5.5 · AI score 4.8 · EPSS 0.0021
Exploits: 1 · References: 6
CNNVD
added 2025/05/26 12:00 a.m. · 3 views

Assimp buffer error vulnerability

Assimp is an open source library used to import and export various 3D model formats. A buffer error vulnerability exists in Assimp version 5.4.3, which stems from an out-of-bounds read problem in function HL1MDLLoader::validateheader in file...

CVSS 7.8 · AI score 4.4 · EPSS 0.00221
Exploits: 1 · References: 6
RedhatCVE
added 2025/05/22 9:24 p.m. · 6 views

CVE-2021-29662

The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which in some situations allows attackers to bypass access control that is based on IP addresses...

CVSS 7.5 · AI score 6.9 · EPSS 0.02191
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/22 8:43 p.m. · 4 views

CVE-2021-39814

In ppmpvalidatewsm of drmfw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...

CVSS 7.2 · AI score 7.1 · EPSS 0.00113
Exploits: 0 · References: 1
OSSF Malicious Packages
added 2025/05/19 7:48 a.m. · 2 views

Malicious code in vee-validate-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63ace977c863bcb637c683acad480db2f66f9fba7f0c318b7adaed074fbe08db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 3
OSV
added 2025/05/19 7:48 a.m. · 0 views

MAL-2025-4033 Malicious code in vee-validate-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63ace977c863bcb637c683acad480db2f66f9fba7f0c318b7adaed074fbe08db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 3
Positive Technologies
added 2025/05/14 12:00 a.m. · 3 views

PT-2025-21246 · Oa System · Oa System

Name of the Vulnerable Software and Affected Versions: OA System versions prior to 2025.01.01. Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter at the "/inform/InformManageController.java...

CVSS 6.1 · AI score 5.7 · EPSS 0.00228
Exploits: 1 · References: 6
OSV
added 2025/05/06 11:15 a.m. · 5 views

CVE-2025-40621

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’...

CVSS 9.8 · AI score 5.8 · EPSS 0.00361
Exploits: 0 · References: 1
OSV
added 2025/05/06 11:15 a.m. · 2 views

CVE-2025-40620

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’...

CVSS 9.8 · AI score 5.8
Exploits: 0 · References: 1
CNNVD
added 2025/05/06 12:00 a.m. · 2 views

mrdoc security vulnerability

mrdoc is a Python-based online documentation system by the individual developer zmister2016. A security vulnerability exists in mrdoc 0.9.5 and earlier versions, which stems from the validateurl function leading to server-side request forgery...

CVSS 5.5 · AI score 6.7 · EPSS 0.00245
Exploits: 1 · References: 3
Tenable Nessus
added 2025/05/06 12:00 a.m. · 7 views

Configuration Change Detected (Low)

The system detected a change in the controller code that was made via the network. An attacker may use code changes to disrupt normal operations, to cause production losses, or to create a security threat. This plugin only works with Tenable.ot. Please visit...

AI score 5.6
Exploits: 0
Microsoft CVE
added 2025/05/05 7:00 a.m. · 1 view

accel/qaic: Fix integer overflow in qaic_validate_req()

...

CVSS 5.5 · AI score 7.2 · EPSS 0.00155
Exploits: 0
OSV
added 2025/04/25 1:13 p.m. · 3 views

CLSA-2025-1745586793 cups-filters: Fix of CVE-2024-47076

CVE-2024-47076: cfGetPrinterAttributes5 Validate response attributes before return...

CVSS 8.6 · AI score 7.5 · EPSS 0.8344
Exploits: 5 · References: 1