3164 matches found
PT-2026-5327
Name of the Vulnerable Software and Affected Versions KiloView Encoder Series affected versions not specified Description A missing authentication check for a critical function in KiloView Encoder Series allows an unauthenticated attacker to create or delete administrator accounts. Successful...
CVE-2026-24806
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...
Quick-Media Batik Codec FIX package has Code Injection vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects all...
GHSA-8623-9FWR-4CXV Quick-Media Batik Codec FIX package has Code Injection vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects all...
CVE-2026-24806
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...
CVE-2026-24806
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...
CVE-2026-24806 Buffer Write Security Vulnerability in liuyueyi/quick-media
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...
CVE-2026-24806
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...
CVE-2026-24806 Buffer Write Security Vulnerability in liuyueyi/quick-media
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...
CVE-2026-24806
CVE-2026-24806 arises from an improper generation of code in liuyueyi’s quick-media project, specifically the PNGImageEncoder path within the SVG Batik codec fix module. The vulnerability affects quick-media before v1.0 and is described as a Code Injection issue. Supported details from multiple s...
PT-2026-4875
Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media...
Quick-Media security vulnerabilities
Quick-Media is a multimedia service software developed by YiHui’s individual developers. Versions of Quick-Media prior to v1.0 contained security vulnerabilities. These vulnerabilities stemmed from a code injection vulnerability in the PNG encoding component, PNGImageEncoder.Java, which could all...
CVE-2025-22234 Spring Security - BCrypt Password Encoder maximum password length breaks timing attack mitigation
The fix applied in CVE-2025-22228 inadvertently broke the timing attack mitigation implemented in DaoAuthenticationProvider. This can allow attackers to infer valid usernames or other authentication behavior via response-time differences under certain configurations...
CVE-2025-22234 Spring Security - BCrypt Password Encoder maximum password length breaks timing attack mitigation
The fix applied in CVE-2025-22228 inadvertently broke the timing attack mitigation implemented in DaoAuthenticationProvider. This can allow attackers to infer valid usernames or other authentication behavior via response-time differences under certain configurations...
nullsec-exploit
💀 NullSec Exploit Advanced Exploit Development & Payload...
Azure Linux 3.0 Security Update: openjpeg2 (CVE-2020-27824)
The version of openjpeg2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-27824 advisory. - A flaw was found in OpenJPEG's encoder in the opjdwtcalcexplicitstepsizes function. This flaw allows an...
Azure Linux 3.0 Security Update: openjpeg2 (CVE-2020-27823)
The version of openjpeg2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-27823 advisory. - A flaw was found in OpenJPEG's encoder. This flaw allows an attacker to pass specially crafted x,y offset...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38044)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38044 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 T...
Debian dla-4440 : ffmpeg - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4440 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4440-1 [email protected]...
[SECURITY] [DLA 4440-1] ffmpeg security update
Debian LTS Advisory DLA-4440-1 [email protected] https://www.debian.org/lts/security/ Carlos Henrique Lima Melara January 16, 2026 https://wiki.debian.org/LTS Package : ffmpeg Version : 7:4.3.9-0+deb11u2 CVE ID : CVE-2023-6603 CVE-2024-36615 CVE-2025-1594 CVE-2025-7700 CVE-2025-9951...