4670 matches found
CVE-2025-50900
CVE-2025-50900 affects getrebuild/rebuild 4.0.4. The issue resides in com.rebuild.web.RebuildWebInterceptor.preHandle, where the filter decodes the request URI and checks if the path ends with /error. If it does not, the code redirects to /user/login, potentially allowing an unauthenticated attac...
CVE-2025-50900
An issue was discovered in getrebuild/rebuild 4.0.4. The affected source code class is com.rebuild.web.RebuildWebInterceptor, and the affected function is preHandle In the filter code, use CodecUtils.urlDecoderequest.getRequestURI to obtain the URL-decoded request path, and then determine whether...
PT-2025-34622 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the WebP Image Decoding functionality. Loading a specially crafted .webp animation can cause an integer overflow when calculating the stride for...
SAIL Image Decoding Library Targa RLE Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2220 SAIL Image Decoding Library Targa RLE Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-50129 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...
SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2215 SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-46407 SUMMARY A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library...
Linux Distros Unpatched Vulnerability : CVE-2018-1000050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sean Barrett stbvorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption,...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from an integer overflow in the BMPv3 palette decoding function that could lead to remote code execution...
SAIL Image Decoding Library WebP Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2224 SAIL Image Decoding Library WebP Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52456 SUMMARY A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...
SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2221 SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52930 SUMMARY A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...
SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2216 SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-32468 SUMMARY A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version v0.9.8, which stems from a memory corruption in the PCX image decoding function that could lead to remote code execution...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from an integer overflow in the PSD image decoding function that could lead to remote code execution...
SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2219 SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53085 SUMMARY A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library...
PT-2025-34617 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PCX Image Decoding functionality of the library. Decoding image data from a crafted .pcx file can lead to a heap-based buffer overflow, potentially...
PT-2025-34621 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library. Decoding image data from a crafted .tga file can lead to a heap-based buffer...
SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2217 SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-35984 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from a heap buffer overflow in the PSD RLE decoding function that could lead to remote code execution...
Linux Distros Unpatched Vulnerability : CVE-2019-10050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the failure to enforce INTEGER constraints in the UPER decoding process when the bound is positive and exceeds 32 bits. An attacker can cause the processing of incorrect or malicious input by supplying...
go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Summary Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields. Details OpenBao and presumably HashiCorp Vault have surfaced error messages from mapstructure as follows:...