22103 matches found
libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.
...
Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss
...
Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf.
...
drm/sched: Fix fence reference count leak
...
drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()
...
gpio: aggregator: protect driver attr handlers against module unload
...
cifs: Fix integer overflow while processing acregmax mount option
...
can: ucan: fix out of bound read in strscpy() source
...
vlan: enforce underlying device type
...
ksmbd: fix type confusion via race condition when using ipc_msg_send_request
...
netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()
...
HID: appleir: Fix potential NULL dereference at raw event handle
...
Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow
...
Chromium: CVE-2025-4052 Inappropriate implementation in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-4051 Insufficient data validation in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-4050 Out of bounds memory access in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-4096 Heap buffer overflow in HTML
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium-based) Spoofing Vulnerability
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
Azure Virtual Desktop Elevation of Privilege Vulnerability
Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network...
Azure Functions Remote Code Execution Vulnerability
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
Azure AI Bot Elevation of Privilege Vulnerability
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
Azure ML Compute Elevation of Privilege Vulnerability
Improper authorization in Azure allows an authorized attacker to elevate privileges over a network...
Azure Bot Framework SDK Elevation of Privilege Vulnerability
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...
Microsoft Dynamics Information Disclosure Vulnerability
Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network...
Libsoup: denial of service on libsoup through http/2 server
...
Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client
...
Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
...
Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
...
FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
...
PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service
...
PyTorch: `torch.load` with `weights_only=True` leads to remote code execution
...
Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication
...
Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c
...
Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication
...
PgBouncer default auth_query does not take Postgres password expiry into account
...
Field `file_table` of `struct module *module` is uninitialized
...
An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.
...
Out of bounds read in parse_module function in bfd/vms-alpha.c
...
Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`
...
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.
...
A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.
...
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one.
...
The giflib open-source component has a buffer overflow vulnerability
...
NATS-Server Fails to Authorize Certain Jetstream Admin APIs
...
Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header
...
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE
...
Libsoup: out of bounds reads in soup_headers_parse_request()
...
In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.
...
GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service
...
Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes
...