Browse and filter security vulnerabilities across ecosystems
imageproc: integer overflow in kernel size check leads to out-of-bounds read
imageproc: Out-of-bounds read via NaN coordinates in bilinear/bicubic sampling
imageproc has fragile bounds check when sampling from image
hickory-proto vulnerable to CPU exhaustion during message encoding due to O(n²) name compression
hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses
rust-zserio has Unbounded Memory Allocation
CVE-2026-44216
wasmtime has a panic when allocating a table exceeding the size of the host's address space
diesel-async may expose uninitialized padding bytes for MySQL temporal columns
CVE-2026-44471
gix-fs: Symlink prefix-reuse allows worktree escape during checkout
Lemmy resend-verification endpoint exposes registered email addresses to unauthenticated users
ldap3_proto has LDAP Filter stack exhaustion
kanidmd_lib: Image upload validators run before authorization; PNG validator panics on malformed input
scim_proton and kanidm_proto have an authenticated process abort via SCIM filter stack exhaustion
Kanidm has non-constant-time comparison of OAuth2 client_secret
Kanidm: Stored HTML injection in "passkey-enrolment" partial via displayname → htmx-driven authenticated request forgery
webauthn-rs-core/webauthn-authenticator-rs: Origin validation mismatch possible when subdomains are allowed
Lemmy may expose private community data through community, saved, liked, and modlog API views
Private Lemmy instances expose multi-community metadata without authentication
CVE-2026-42559
rmcp Streamable HTTP server transport has a DNS rebinding vulnerability
rpassword affected by partial password reveal when input is interrupted