57 matches found
The Geomys Standard of Care
One of the most impactful effects of professionalizing open source maintenance is that as professionals we can invest into upholding a set of standards that make our projects safer and more reliable. The same commitments and overhead that are often objected to when required of volunteers should b...
EUVD-2018-6209
Malware in sbrugna...
EUVD-2020-2906
Malware in sbrugna...
EUVD-2020-3334
Malware in sbrugna...
EUVD-2020-12084
Malware in sbrugna...
EUVD-2018-18703
Malware in sbrugna...
EUVD-2016-2046
Malware in sbrugna...
EUVD-2020-20393
Malware in sbrugna...
EUVD-2024-47659
Malicious code in bioql PyPI...
EUVD-2025-5974
Malicious code in bioql PyPI...
EUVD-2025-10375
Malicious code in bioql PyPI...
CVE-2025-38556
In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton() against conversion to 0 bits. Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should...
CVE-2025-24104
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files...
CVE-2020-1088
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1021, CVE-2020-1082...
CVE-2019-1316
An elevation of privilege vulnerability exists in Microsoft Windows Setup when it does not properly handle privileges, aka 'Microsoft Windows Setup Elevation of Privilege Vulnerability'...
CVE-2025-37918 Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue(). A NULL pointer dereference can occur in skb_dequeue() when processing a QCA firmware crash dump on WCN7851 0489:e0f3. 93.672166 Bluetooth: hci0: ACL memdump size589824...
CVE-2025-22096
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: Fix error code msm_parse_deps(). The SUBMIT_ERROR() macro turns the error code negative. This extra '-' operation turns it back to positive EINVAL again. The error code is passed to ERR_PTR() and since positive values are not a...
PT-2025-16110 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A vulnerability exists in the handling of meeting links. No further details are available. Recommendations: At the moment, there is no information about a newer version that contains a fix f...
PT-2025-13302 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability has been resolved in the Linux kernel related to the handling of PTE markers in the hugetlb change protection function. The issue can be triggered by mapping a memfd...
PT-2025-13286 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A vulnerability in the Linux kernel has been resolved, related to the handling of PTE markers when the fork function is called without a fork event. The issue was addressed through a...