CVE-2026-23375

In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...

EUVD-2020-30705

Malware in sbrugna...

EUVD-2022-54740

Malicious code in bioql PyPI...

EUVD-2021-31372

Malicious code in bioql PyPI...

EUVD-2024-17975

Malicious code in bioql PyPI...

EUVD-2025-9393

Malicious code in bioql PyPI...

Updated glib2.0 packages fix security vulnerability

A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be writte...

CVE-2025-5899 GNU PSPP pspp-convert.c parse_variables_option free of memory not on the heap

A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parsevariablesoption of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached...

USN-7551-1: libvpx vulnerability

It was discovered that libvpx did not properly manage memory. An attacker could possibly use this issue to cause applications using libvpx to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVE-2022-41172

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD .dxf, TeighaTranslator.exe file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflo...

CVE-2022-46762

The memory management module has a logic bypass vulnerability.Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2021-36145

The Device Model in ACRN through 2.5 has a devicemodel/core/mem.c use-after-free for a freed rbentry...

PT-2025-15159 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to improper resource management in the memory management module. Successful exploitation of this issue may affect availability. Recommendations: At the moment, there is ...

CVE-2025-21935

In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rioaddnet in rioscanallocnet The return value of rioaddnet should be checked. If it fails, putdevice should be called to free the memory and give up the reference initialized in rioaddnet...

CVE-2025-21935 rapidio: add check for rio_add_net() in rio_scan_alloc_net()

In the Linux kernel, the following vulnerability has been resolved: rapidio: add check for rioaddnet in rioscanallocnet The return value of rioaddnet should be checked. If it fails, putdevice should be called to free the memory and give up the reference initialized in rioaddnet...

CVE-2025-21907

CVE-2025-21907 documents a Linux kernel memory-management issue: during folio migration, unmap_poisoned_folio() must set TTU_HWPOISON for anon folio (and align policy with hwpoison_user_mappings for pagecache). The patch series mm: memory_failure: unmap poisoned folio during migrate properly fixe...

CVE-2024-57980

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvcstatusinit function fails to allocate the inturb, it will free the dev-status pointer but doesn't reset the pointer to NULL. This results in the kfree call in...

CVE-2022-49489 drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3 Call trace: dpuvbifinitmemtypes+0x40/0xb8...

NULL Pointer Dereference

libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to improper memory management within the swfsvgaddisosample function in src/filters/loadtext.c of the component MP4Box...

CVE-2024-26783 mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index

In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeupkswapd with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the following oops has been...