186 matches found
[SECURITY] Fedora 42 Update: rust-litemap-0.7.3-5.fc42
A key-value Map implementation based on a flat, sorted Vec...
SUSE CVE-2025-21643
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel async DIO. Netfslib needs to be able to handle kernel-initiated asynchronous DIO that is supplied with a bio_vec array. Currently, because of the async flag, this gets passed to netfs_extract_user_iter() which throws a...
DEBIAN-CVE-2024-57653
An issue in the qst_vec_set_copy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
UBUNTU-CVE-2024-57649
An issue in the qst_vec_set component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements...
Virtuoso Open-Source Edition security vulnerability
Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.11, which...
Unsound usages of `Vec::from_raw_parts`
The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T has a stable layout, leading to uninitialized memory exposure if users pass a type with padding bytes as T and cast it to a u8 pointer. In the issue, we develop a PoC to show...
Heap Buffer Overflow
SQLite-vec is vulnerable to a Heap Buffer Overflow. The vulnerability is due to improper handling of memory allocation in the npy_token_next function, which allows for a heap buffer overflow when processing certain crafted files...
datasette-sqlite-vec (>=0.1.1 <=0.1.10a4), memorylayer-server (>=0.0.3 <=0.0.5) +2 more potentially affected by CVE-2024-46488 via sqlite-vec (>=0.1.1 <=0.1.2a9)
sqlite-vec PYPI version =0.1.1, =0.1.1, =0.0.3, =0.1.1, =0.1.10a4 - zf-memician =0.1.3 Source cves: CVE-2024-46488 Source advisory: OSV:GHSA-VRCX-GX3G-J3H8...
Heap-based Buffer Overflow in sqlite-vec
sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file...
CVE-2024-46488
sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file...
CVE-2024-46488
sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file...
sqlite-vec security vulnerability
sqlite-vec is a SQLite extension from the individual developer Alex Garcia. A security vulnerability exists in sqlite-vec version v0.1.1, which stems from the presence of a heap buffer overflow that allows an attacker to cause a denial of service (DoS) via a crafted file...
CVE-2024-46488
sqlite-vec v0.1.1 contains a heap-based buffer overflow in the npy_token_next function that can be triggered by processing crafted files, leading to Denial of Service (DoS). The CVE-2024-46488 entry is corroborated by Red Hat, Veracode, GitHub advisory GHSA-vrcx-gx3g-j3h8, OSV, NVD, CVE list, and...
CVE-2024-46488
sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file...
Heap-based Buffer Overflow in sqlite-vec
sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. Workaround for CVE in release 0.1.3...
CVE-2024-46488
sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file...
PT-2024-8482 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to a slow server-side memory leak in the SUNRPC component of the Linux kernel when using RPC-over-TCP. This leak occurs because the sock_sendmsg function does not...
PT-2023-31403 · Ibm · Ibm System Storage Virtualization Engine Ts7700
Name of the Vulnerable Software and Affected Versions: IBM System Storage Virtualization Engine TS7700 versions 3957-VEC, 3948-VED. Description: A remote attacker could obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used i...
GHSA-RCX8-48PC-V9Q8 mail-internals use-after-free vulnerability in `vec_insert_bytes`
Incorrect reallocation logic in the function `vec_insert_bytes` causes a use-after-free. This function does not have to be called directly to trigger the vulnerability because many methods on EncodingWriter call this function internally. The mail-* suite is unmaintained and the upstream sources have...
Use-after-free in `vec_insert_bytes`
Incorrect reallocation logic in the function `vec_insert_bytes` causes a use-after-free. This function does not have to be called directly to trigger the vulnerability because many methods on EncodingWriter call this function internally. The mail-* suite is unmaintained and the upstream sources have...