5955 matches found
PT-2025-52720
Name of the Vulnerable Software and Affected Versions: wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87. Description: The software contains a reachable assertion issue in the APRS MIC-E decoder function aprs_mic_e located in src/decode_aprs.c. Processing a speciall...
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the processing of malicious IPv4 fragments. An attacker can exhaust system memory and CPU resources by sending specially crafted network packets. Remediation: Upgrade...
SUSE SLES16 Security Update : ImageMagick (SUSE-SU-2025:21211-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21211-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). -...
RLSA-2023:2763 Moderate: python38:3.8 and python38-devel:3.8 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...
RockyLinux 8 : python39:3.9 and python39-devel:3.9 (RLSA-2023:2764)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2764 advisory. python: int type in PyLongFromString does not limit amount of digits converting text to int leading to DoS (CVE-2020-10735); python: open redirection...
openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). - CVE-2025-57807:...
RockyLinux 8 : python38:3.8 and python38-devel:3.8 (RLSA-2023:2763)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2763 advisory. python: int type in PyLongFromString does not limit amount of digits converting text to int leading to DoS (CVE-2020-10735); python: open redirection...
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
A flaw was found in Netty. With specially crafted input, BrotliDecoder and some other decompressing decoders will allocate a large number of reachable byte buffers, which can lead to denial of service...
GO-2025-4161 VictoriaMetrics' Snappy Decoder DoS Vulnerability is Causing OOM in github.com/VictoriaMetrics/VictoriaMetrics
VictoriaMetrics' Snappy Decoder DoS Vulnerability is Causing OOM in github.com/VictoriaMetrics/VictoriaMetrics...
SUSE-SU-2025:21211-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation (bsc#1249362). - CVE-2025-62171: incomplete fix for integer...
OPENSUSE-SU-2025:20162-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation (bsc#1249362). - CVE-2025-62171: incomplete fix for integer...
CVE-2025-36937
In AudioDecoder::HandleProduceRequest of audiodecoder.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-36937
CVE-2025-36937 affects the AudioDecoder::HandleProduceRequest path in audio_decoder.cc. The issue is an out-of-bounds write caused by an incorrect bounds check, which could enable remote code execution over the network without user interaction or extra privileges. Multiple connected sources (incl...
PT-2025-50717
Name of the Vulnerable Software and Affected Versions: Adobe (affected versions not specified). Description: An issue exists in the AudioDecoder::HandleProduceRequest function within audio_decoder.cc. An incorrect bounds check can lead to an out-of-bounds write, potentially resulting in remote code...
CVE-2025-66628
CVE-2025-66628 affects ImageMagick’s TIM image parser (ReadTIMImage in coders/tim.c). In versions up to 7.1.2-9, width/height are read as 16-bit values and image_size = 2 * width * height can overflow on 32-bit systems, causing a small heap allocation and enabling an out-of-bounds read. This is m...
EUVD-2025-202428
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file...
CVE-2025-66628 ImageMagick is vulnerable to an Integer Overflow in TIM decoder leading to out of bounds read (32-bit only)
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file...