7651 matches found

OSV
added 2025/04/30 5:41 p.m., 4 views

GHSA-927Q-G9W9-PM54 Panic in mp3-metadata due to the lack of bounds checking

The get_id3 methods used by mp3_metadata::read_from_slice do not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in "Fix index error", released as part of 0.4.0...

CVSS 6.9, AI score 7.1
Exploits: 0, References: 4
Github Security Blog
added 2025/04/30 5:41 p.m., 11 views

Panic in mp3-metadata due to the lack of bounds checking

The get_id3 methods used by mp3_metadata::read_from_slice do not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in "Fix index error", released as part of 0.4.0...

AI score 7.1
Exploits: 0, References: 4, Affected Software: 1
Positive Technologies
added 2025/04/30 12:0 a.m., 3 views

PT-2025-19406 · Crates.Io · Mp3-Metadata

The get_id3 methods used by mp3_metadata::read_from_slice do not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in "Fix index error", released as part of 0.4.0...

CVSS 6.9, AI score 7.2
Exploits: 0, References: 5
CNVD
added 2025/04/30 12:0 a.m., 14 views

WordPress Plugin Aeropage Sync for Airtable Has Unspecified Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 4.3, AI score 6.7, EPSS 0.0027
Exploits: 0, References: 1
OSV
added 2025/04/29 2:1 p.m., 16 views

GHSA-RP38-24M3-RX87 The lesscss script service allows cache clearing without programming right

Impact: The script API of the LESS compiler in XWiki is incorrectly checking for rights when calling the cache cleaning API, making it possible to clean the cache without having programming right. The only impact of this is a slowdown in XWiki execution as the caches are re-filled. As this...

CVSS 2.7, AI score 6.9, EPSS 0.00396
Exploits: 0, References: 5
RustSec
added 2025/04/28 12:0 p.m., 11 views

Panic in mp3-metadata due to the lack of bounds checking

The get_id3 methods used by mp3_metadata::read_from_slice do not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in "Fix index error", released as part of 0.4.0...

AI score 7.1
Exploits: 0, Affected Software: 1
OSV
added 2025/04/28 12:0 p.m., 5 views

RUSTSEC-2025-0027 Panic in mp3-metadata due to the lack of bounds checking

The get_id3 methods used by mp3_metadata::read_from_slice do not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in "Fix index error", released as part of 0.4.0...

AI score 7.1
Exploits: 0, References: 3
CNVD
added 2025/04/28 12:0 a.m., 2 views

Google Android Information Disclosure Vulnerability

Google Android is a Linux-based operating system from the American company Google. Google Android suffers from an information disclosure vulnerability that stems from a lack of permission checking to access media content belonging to other users, which can be exploited by an attacker to obtain...

CVSS 5.5, AI score 5.6, EPSS 0.00082
Exploits: 0, References: 1
Positive Technologies
added 2025/04/28 12:0 a.m., 4 views

PT-2025-19692 · Crates.Io · Mp3-Metadata

The get_id3 methods used by mp3_metadata::read_from_slice do not perform adequate bounds checking when recreating the tag due to the use of desynchronization. Fixed in "Fix index error", released as part of 0.4.0...

AI score 7.2
Exploits: 0, References: 4
CNVD
added 2025/04/28 12:0 a.m., 2 views

Google Android Elevation of Privilege Vulnerability

Google Android is a Linux-based operating system from the American company Google. Google Android suffers from an elevation of privilege vulnerability that stems from a lack of privilege checking and can be exploited to bypass the read permission of a content provider. An attacker can exploit the...

CVSS 7.8, AI score 6.1, EPSS 0.00083
Exploits: 0, References: 1
RedhatCVE
added 2025/04/26 5:2 a.m., 14 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware ...

CVSS 9.8, AI score 7.3, EPSS 0.21255
Exploits: 5, References: 1
Packet Storm News
added 2025/04/26 12:0 a.m., 3 views

SONNI: Secure Oblivious Neural Network Inference

In the standard privacy-preserving machine-learning-as-a-service (MLaaS) model, the client encrypts data using homomorphic encryption and uploads it to a server for computation. The result is then sent back to the client for decryption. It has become more and more common for the computation to be...

AI score 6.8
Exploits: 0
BDU FSTEC
added 2025/04/23 12:0 a.m., 8 views

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows an attacker to cause a service failure.

The vulnerability of the Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure when the “show bgp neighbor”...

CVSS 5.5, AI score 5.5, EPSS 0.00122
Exploits: 0, References: 3, Affected Software: 2
BDU FSTEC
added 2025/04/21 12:0 a.m., 5 views

The vulnerability of the Simple Certificate Enrollment Protocol (SCEP) implementation in the PAN-OS operating system allows a perpetrator to trigger a service failure.

The vulnerability of the Simple Certificate Enrollment Protocol (SCEP) implementation in the PAN-OS operating system is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability allows a malicious actor to cause service failures by sending a specially crafted...

CVSS 7.8, AI score 5.5, EPSS 0.0026
Exploits: 0, References: 2, Affected Software: 2
Positive Technologies
added 2025/04/20 12:0 a.m., 6 views

PT-2025-17424 · Gobgp +4 · Gobgp +4

Name of the Vulnerable Software and Affected Versions: GoBGP versions prior to 3.35.0. Description: The issue arises from improper input length checking in the pkg/packet/mrt/mrt.go file, specifically failing to ensure the presence of 12 bytes or 36 bytes depending on the address family...

CVSS 9.9, AI score 4.6, EPSS 0.00955
Exploits: 1, References: 62
OSV
added 2025/04/19 9:15 p.m., 125 views

CVE-2022-47111

7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected...

CVSS 3.3, AI score 7.2
Exploits: 0, References: 1
CNVD
added 2025/04/18 12:0 a.m., 5 views

SAP NetWeaver Server ABAP Authorization Issues Vulnerability

SAP NetWeaver Server ABAP is an application server from SAP, Germany. SAP NetWeaver Server ABAP suffers from an authorization issue vulnerability that stems from a lack of authorization checking in the virus scanning interface, which could be exploited by an attacker to access sensitive data...

CVSS 4.3, AI score 6.5, EPSS 0.00243
Exploits: 0, References: 1
OSV
added 2025/04/16 7:15 p.m., 2 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a repor...

CVSS 9.8, AI score 5.9, EPSS 0.21255
Exploits: 6, References: 14
CVE
added 2025/04/16 6:24 p.m., 355 views

CVE-2025-31200

CVE-2025-31200 affects Apple’s CoreAudio, specifically the AudioConverterService AAC decoder, where a memory corruption issue can lead to code execution when processing a malicious audio stream. Affected products include iOS, iPadOS, macOS, and related OSes prior to the patch, with fixes implemen...

CVSS 9.8, AI score 7.3, EPSS 0.21255
In wild, Exploits: 5, References: 15, Affected Software: 1
Cvelist
added 2025/04/16 6:24 p.m., 71 views

CVE-2025-31200

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1, watchOS 11.5. Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware ...

EPSS 0.21255
Exploits: 5, References: 5