PT-2025-32094 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: An improper array index verification issue exists in the audio codec module. Successful exploitation may affect the audio decoding function. Recommendations: ...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper array index validation vulnerability exists in the Huawei HarmonyOS audio codec module, which can be exploited by an attacker to cause audio...

OSV-2025-597 Heap-buffer-overflow in generic_unpack

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=435779241 Crash type: Heap-buffer-overflow READ 2 Crash state: genericunpack exrdecodingrun Imf34::ScanLineProcess::rundecode...

ALPINE-CVE-2025-54350

In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...

iperf 安全漏洞

iperf is an ESnet open source tool for actively measuring the maximum bandwidth achievable on an IP network. A security vulnerability exists in iperf versions prior to 3.19.1, which stems from the existence of a Base64 decoding assertion failure in iperfauth.c that could cause the application to...

OSV-2025-584 Heap-buffer-overflow in isvcd_mark_err_slice_skip

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=434978682 Crash type: Heap-buffer-overflow READ 2 Crash state: isvcdmarkerrsliceskip isvcdvideodecode Codec::decodeFrame...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the GIF decoding process when handling malformed comment extension blocks lacking a block terminator. An attacker can cause the application to enter an infinite loop and exhaust...

Apple macOS MediaToolbox Framework Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the MediaToolbox framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

RLSA-2025:4051 Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS CVE-2024-12243 For more details...

RLSA-2025:4049 Moderate: libtasn1 security update

A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding functions. Security Fixes: libtasn1: Inefficient DER Decoding in libtasn1 Leading ...

libtasn1 security update

An update is available for libtasn1. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A library that provides Abstract Syntax Notation One ASN.1, as specified by...

PT-2025-40876

Name of the Vulnerable Software and Affected Versions Versions prior to 8.0 Description A heap-buffer-overflow can occur when decoding a frame for a SANM file ANIM v0 variant. Frames encoded with codec 48 can specify their resolution width x height, and a buffer is allocated based on this...

NewStart CGSL MAIN 7.02 : librsvg2 Vulnerability (NS-SA-2025-0127)

The remote NewStart CGSL host, running version MAIN 7.02, has librsvg2 packages installed that are affected by a vulnerability: - A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem outside ...

USN-7637-1 jpeg-xl vulnerabilities

It was discovered that libjxl did not perform proper bounds checking when parsing Exif tags. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service. CVE-2023-0645 It was discovered that libjxl did not perform proper bounds checking when decoding...

Denial Of Service (DoS)

github.com/ctfer-io/chall-manager is vulnerable to Denial Of Service DoS. The vulnerability is due to the lack of size validation when decoding zip archives, which allows an attacker to exploit the system using zip bomb decompression without requiring authentication or authorization...

CVE-2025-53633

CVE-2025-53633 affects Chall-Manager. The vulnerability arises when decoding a scenario (zip archive): the decoded content size is not checked, allowing potential zip-bomb decompression. Exploitation does not require authentication or authorization. A patch was implemented in commit 14042aa and s...

CVE-2025-53632 Chall-Manager's scenario decoding process does not check for zip slips

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario i.e. a zip archive, the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can...

GHSA-R7FM-3PQM-WW5W Chall-Manager's scenario decoding process does not check for zip bombs

Impact When decoding a scenario i.e. a zip archive, the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the scenario decoding process. An attacker can cause excessive resource consumption by submitting a specially crafted zip archive that decompresses to a very large size...

Chall-Manager's scenario decoding process does not check for zip bombs

Impact When decoding a scenario i.e. a zip archive, the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly...