CVE-2019-12246

SilverStripe through 4.3.3 allows a Denial of Service on flush and development URL tools...

binary-exploitation-labs

Binary Exploitation Labs This repository is my long-term pu...

PT-2026-2072

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools used for interacting with, manipulating, and applying ICC color management profiles. A null pointer dereference issue exists in the CIccProfileXml::ParseBasic...

PT-2026-2090

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. A Type Confusion issue exists in the CIccSegmentedCurveXml::ToXml function...

PT-2026-2063

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools used for interacting with, manipulating, and applying ICC color management profiles. Versions prior to 2.3.1.2 are susceptible to a NULL pointer dereference...

MalwareAnalysisProject

MalwareAnalysisProject Introduction to exploit development wit...

EUVD-2026-1156

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2...

CVE-2026-21486

iccDEV is affected in versions 2.3.1.1 and earlier, where the CIccSparseMatrix::CIccSparseMatrix function contains Use After Free, Heap-based Buffer Overflow, Integer Overflow/Wraparound, and Out-of-bounds Write vulnerabilities. The issue is fixed in version 2.3.1.2. Affected products: iccDEV lib...

PT-2026-1409

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below contain issues including an Out-of-bounds Read, Use of Out-of-range Pointer Offset,...

PT-2026-1394

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.1 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have a memory leak in the XML MPE Parsing Path iccFromXml. Recommendations Update to...

UBUNTU-CVE-2025-65110

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to versions 6.1.2 and 5.6.3, applications meeting two conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpreter is used...

CVE-2025-57275 vulnerabilities

Vulnerabilities for packages: longhorn-spdk...

NordVPN Denies Breach After Hacker Claims Access to Salesforce Dev Data

A hacker using the alias 1011 has claimed to breach a NordVPN development server, posting what appears to…...

Grok apologizes for creating image of young girls in “sexualized attire”

Another AI system designed to be powerful and engaging ends up illustrating how guardrails routinely fail when development speed and feature races outrun safety controls. In a post on X, AI chatbot Grok confirmed that it generated an image of young girls in “sexualized attire.” The potential...

Expanding the Zero Critical Club to set a new standard for AppSec and SecOps teams

We are introducing Zero Code Criticals and Zero Time to Respond clubs to give every team a clear north star for secure development and rapid response...

SUSE SLES15 / openSUSE 15 Security Update : dpdk22 (SUSE-SU-2025:4534-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4534-1 advisory. Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a...

Security Bulletin: IBM i is affected by exposure of sensitive information and improper access control vulnerabilities in IBM Java SDK and IBM Java Runtime [CVE-2025-53066, CVE-2025-53057]

Summary IBM SDK Java Technology Edition and IBM Runtime Environment Java used by IBM i to support the building and running of Java applications are vulnerable to unauthorized access to data by using APIs in the JAXP component CVE-2025-53066 and creation, deletion or modification access to data by...

Security update for dpdk22

This update for dpdk22 fixes the following issues: Update to version 22.11.10. Security issues fixed: CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...

CVE-2025-68474

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...