A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker…

An arbitrary file write vulnerability was found in GNU gzip’s zgrep utility. When zgrep is applied on the attacker’s chosen file name (for example, a…

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse…

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field…

A heap buffer overflow flaw was found in Libtiffs’ tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to…

A stack buffer overflow flaw was found in Libtiffs’ tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to…

Delta Electronics CNCSoft (All versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.…

CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition. Zafiyet…

An out-of-bounds read flaw was found in the Linux kernel’s io_uring module in the way a user triggers the io_read() function with some special parameters.…

A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user’s objects.…