68528 matches found
CVE-2025-54486
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54480
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-53557
A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-54481
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54490
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-52581
An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-54462
A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted .nex file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-54483
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54487
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-53853
A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted ISHNE ECG annotations file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this...
CVE-2025-52461
An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted .nex file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-54492
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-53518
An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted ABF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-54493
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-46411
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-53511
A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-54484
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54491
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54489
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-54485
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-48005
A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted RHS2000 file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-54488
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This...
CVE-2025-9403
A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function runjqtests of the file jqtest.c of the component JSON Parser. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Othe...
CVE-2025-9396
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
CVE-2025-9394
A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host...
CVE-2025-9390
A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be...
CVE-2025-9389
A vulnerability was identified in vim 9.1.0000. Affected is the function memmoveavxunalignederms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. Some users are not...
CVE-2025-9385
A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fixipv6checksums of the file editpacket.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used...
CVE-2025-9386
A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function getl2lenprotocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and...
CVE-2025-9384
A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpeditpostargs of the file /src/tcpedit/parseargs.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading t...
CVE-2025-4609
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
CVE-2025-54812
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order t...
CVE-2025-54813
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON...
CVE-2025-38626
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to trigger foreground gc during f2fsmapblocks in lfs mode w/ "mode=lfs" mount option, generic/299 will cause system panic as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2835! Call Trace:...
CVE-2025-38660
In the Linux kernel, the following vulnerability has been resolved: ceph parselongname: strrchr expects NUL-terminated string ... and parselongname is not guaranteed that. That's the reason why it uses kmemdupnul to build the argument for kstrtou64; the problem is, kstrtou64 is not the only thing...
CVE-2025-38671
In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang th...
CVE-2025-38668
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix NULL dereference on unbind due to stale coupling data Failing to reset couplingdesc.ncoupled after freeing coupledrdevs can lead to NULL pointer dereference when regulators are accessed post-unbind. This can...
CVE-2025-38672
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/gem-dma: Use dmabuf from GEM object instance" This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685. The dmabuf field in struct drmgemobject is not stable over the object instance's lifetime. The field becomes...
CVE-2025-38648
In the Linux kernel, the following vulnerability has been resolved: spi: stm32: Check for cfg availability in stm32spiprobe The stm32spiprobe function now includes a check to ensure that the pointer returned by ofdevicegetmatchdata is not NULL before accessing its members. This resolves a warning...
CVE-2025-38651
In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests getidrange expects a positive value as first argument but getrandomu8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...
CVE-2025-38627
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...
CVE-2025-38621
In the Linux kernel, the following vulnerability has been resolved: md: make rdevaddable usable for rcu mode Our testcase trigger panic: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 85 Comm: kworker/2:1 Not tainted 6.16.0+ 94...
CVE-2025-38620
In the Linux kernel, the following vulnerability has been resolved: zloop: fix KASAN use-after-free of tag set When a zoned loop device, or zloop device, is removed, KASAN enabled kernel reports "BUG KASAN use-after-free" in blkmqfreetagset. The BUG happens because zloopctlremove calls putdisk,...
CVE-2025-38625
In the Linux kernel, the following vulnerability has been resolved: vfio/pds: Fix missing detachioas op When CONFIGIOMMUFD is enabled and a device is bound to the pdsvfiopci driver, the following WARNON trace is seen and probe fails: WARNING: CPU: 0 PID: 5040 at drivers/vfio/vfiomain.c:317...
CVE-2025-38640
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable migration in nfhookrunbpf. syzbot reported that the netfilter bpf prog can be called without migration disabled in xmit path. Then the assertion in bpfprogrun fails, triggering the splat below. 0 Let's use...
CVE-2025-38619
In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: fix listdel corruption If ticsi2rxstartdma fails in ticsi2rxdmacallback, the buffer is marked done with VB2BUFSTATEERROR but is not removed from the DMA queue. This causes the same buffer to be retried in...
CVE-2025-38662
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...
CVE-2025-38659
In the Linux kernel, the following vulnerability has been resolved: gfs2: No more self recovery When a node withdraws and it turns out that it is the only node that has the filesystem mounted, gfs2 currently tries to replay the local journal to bring the filesystem back into a consistent state. N...
CVE-2025-38667
In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". To protect from OoB access, check that the input...
CVE-2025-38632
In the Linux kernel, the following vulnerability has been resolved: pinmux: fix race causing muxowner NULL with active muxusecount commit 5a3e85c3c397 "pinmux: Use sequential access to access desc-pinmux data" tried to address the issue when two client of the same gpio calls pinctrlselectstate fo...