Lucene search
K

8 matches found

Debian CVE
Debian CVE
added yesterday3 views

CVE-2026-54059

Pillow is a Python imaging library. Prior to 12.3.0, PIL/PcfFontFile.py loadbitmaps read glyph dimensions from the PCF METRICS section and passed them directly to Image.frombytes without calling Image.decompressionbombcheck, allowing crafted PCF font data to cause excessive memory allocation. Thi...

7.5CVSS6AI score
Exploits0
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.5 views

HarfBuzz 安全漏洞

HarfBuzz is HarfBuzz open source a text engine for OpenType fonts. HarfBuzz version before 12.3.0 has a security vulnerability , the vulnerability stems from the SubtableUnicodesCache::create function does not check the hbmalloc return value , which may lead to null pointer dereferencing and...

5.3CVSS6.4AI score0.00377EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2015-5791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service...

6.8CVSS5.9AI score0.02505EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:15 a.m.4 views

SUSE CVE-2015-5817

WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-09-16-1 and...

6.8CVSS7.3AI score0.02709EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/03/14 12:0 a.m.3 views

PT-2022-15592 · Apple · Ios +4

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 15.4 iPadOS versions prior to 15.4 macOS Monterey versions prior to 12.3 Description: The issue allows a user to send audio and video in a FaceTime call without their knowledge. This is due to inadequate checks that have...

7.5CVSS7AI score0.01201EPSS
Exploits0References8
OSV
OSV
added 2021/07/21 3:15 a.m.2 views

CVE-2021-1099

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager vGPU plugin that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affect...

7.8CVSS7.5AI score
Exploits0References1
OSV
OSV
added 2019/05/02 2:29 p.m.4 views

CVE-2019-11678

The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection...

9.8CVSS7.3AI score0.0948EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/06 12:0 a.m.2 views

Zoho ManageEngine OpManager SQL Injection Vulnerability (CNVD-2018-22525 )

Zoho ManageEngine OpManager is a suite of network, server and virtualization monitoring software from Zoho. A SQL injection vulnerability exists in Zoho ManageEngine OpManager version 123222 prior to 12.3, which can be exploited by an attacker to obtain sensitive information about a database...

9.8CVSS9.6AI score0.24498EPSS
Exploits0References1
Rows per page
Query Builder