914 matches found
Arbitrary File Write via Archive Extraction (Zip Slip)
Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the encodeimage function. An attacker can access arbitrary files on the server by supplying crafted imagepath values...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the ImagingBcnEncode function. An attacker can cause memory corruption or potentially execute arbitrary code by saving a specially crafted, large DDS image file as compressed data. Note: This is only...
SUSE CVE-2025-6816
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...
AZL-64413 CVE-2025-6816 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...
AZL-64437 CVE-2025-6816 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...
DEBIAN-CVE-2025-6816
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...
UBUNTU-CVE-2025-6816
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5Ofsinfoencode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...
SUSE CVE-2025-6750
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
DEBIAN-CVE-2025-6750
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
AZL-64422 CVE-2025-6750 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
UBUNTU-CVE-2025-6750
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
TencentOS Server 3: perl-Encode (TSSA-2022:0184)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0184 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2keyencode CVE-2024-36967 In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails CVE-2024-36975 Affected Packages:...
VulnCheck KEV: CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDFENABLEPHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the inputfile parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in...
CVE-2023-21158
In encode of miscdata.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-42506
In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-36144
SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64encode...
CVE-2021-39247
Zint Barcode Generator before 2.10.0 has a one-byte buffer over-read, related to islastsingleascii in code1.c, and rsencodeuint in reedsol.c...
CVE-2021-36080
GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bitchainfree called from dwgencodeMTEXT and dwgencodeaddobject...
CVE-2021-41945
Encode OSS httpx 0.23.0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copywith...