Search Vulnerabilities

Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream

unbounded-spsc: Sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race

OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages

free5GC: UDR nudr-dr DELETE amf-subscriptions panics on missing UE state via nil interface type assertion (single authenticated request)

Ledger Live hw-app-eth EIP-712 Message Parsing Integer Truncation

vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters

apko `DiscoverKeys` has a panic on non-rsa jwks key that causes crash during key discovery

Coturn: Misaligned Memory Access in coturn STUN Attribute Parser (Remote DoS on ARM64)

OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)

Net::CIDR versions before 0.24 for Perl mishandle leading zeros in IP CIDR addresses, which may have unspecified impact

psd-tools: Compression module has unguarded zlib decompression, missing dimension validation, and hardening gaps

SolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution Vulnerability

SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability

SolarWinds Serv-U Type Confusion Remote Code Execution Vulnerability

An unsafe cast in the MongoDB query planner can result in a segmentation fault.

cert-manager-controller DoS via Specially Crafted DNS Response

iccDEV Has Type Confusion in CIccTagEmbeddedHeightImage::Validate()

iccDEV has UB runtime error in <icTagTypeSignature>

loggingredactor converts non-string types to string types in logs

iccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cpp