61 matches found
Finding Memory Leaks in C/C++ Programs Via Neuro-Symbolic Augmented Static Analysis
Memory leaks remain prevalent in real-world C/C++ software. Static analyzers such as CodeQL provide scalable program analysis but frequently miss such bugs because they cannot recognize project-specific custom memory-management functions and lack path-sensitive control-flow modeling. We present...
EUVD-2020-11623
Malware in sbrugna...
CVE-2020-19725 affecting package z3 for versions less than 4.13.3-1
CVE-2020-19725 affecting package z3 for versions less than 4.13.3-1. An upgraded version of the package is available that resolves this issue...
Malicious code in @zalastax/nolb-_z3 (npm)
The package @zalastax/nolb-z3 was found to contain malicious code...
MAL-2025-43107 Malicious code in @zalastax/nolb-_z3 (npm)
The package @zalastax/nolb-z3 was found to contain malicious code...
CVE-2020-19725
There is a use-after-free vulnerability in file pddsimplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution...
VulnCheck KEV: CVE-2022-20933
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of...
CVE-2024-20509
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service DoS condition for individual users of the AnyConnect VPN...
CVE-2024-20498 Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...
Security Bulletin: IBM Storage Ceph is vulnerable to the Improper Restriction of Operations within Memory Buffer in the RHEL UBI (CVE-2023-1255, CVE-2023-2650)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-1255, CVE-2023-2650. Vulnerability Details CVEID:CVE-2023-1255 DESCRIPTION: OpenSSL is vulnerable to a denial of service,...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. 'Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
RLSA-2023:5091 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel:...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
ALSA-2023:5091 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel:...
Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel:...
AZL-37067 CVE-2020-19725 affecting package z3 for versions less than 4.13.3-1
There is a use-after-free vulnerability in file pddsimplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution...
CVE-2020-19725
There is a use-after-free vulnerability in file pddsimplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution...
CVE-2020-19725
There is a use-after-free vulnerability in file pddsimplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution...
CVE-2020-19725
There is a use-after-free vulnerability in file pddsimplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution...
Design/Logic Flaw
There is a use-after-free vulnerability in file pddsimplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution...