CVE-2025-52930

A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...

CVE-2025-52930

CVE-2025-52930 affects the BMPv3 RLE Decoding functionality in the SAIL Image Decoding Library v0.9.8 . A memory corruption due to a heap-based buffer overflow during BMP data decompression can lead to remote code execution if an attacker can induce the library to read a specially crafted BMP fil...

SAIL 安全漏洞

SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from a heap buffer overflow in the BMPv3 RLE decoding function that could lead to remote code execution...

PT-2025-34626 · Unknown · Sail Image Decoding Library

Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PSD RLE Decoding functionality. Decompressing image data from a crafted .psd file can lead to a heap-based buffer overflow, potentially allowing fo...

CVE-2025-55398

An issue was discovered in mouse07410 asn1c thru 0.9.29 2025-03-20 - a fork of vlm asn1c. In UPER Unaligned Packed Encoding Rules, asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious inp...

Linux Distros Unpatched Vulnerability : CVE-2017-5659

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding. CVE-2017-5659 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2017-7379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service heap-based...

Linux Distros Unpatched Vulnerability : CVE-2017-8906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax in MulticoreWare x265 through 2.4, as used by the...

Linux Distros Unpatched Vulnerability : CVE-2016-2216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remo...

Linux Distros Unpatched Vulnerability : CVE-2019-16393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. CVE-2019-16393 Note that Nessus...

CVE-2025-55398

An issue was discovered in mouse07410 asn1c thru 0.9.29 2025-03-20 - a fork of vlm asn1c. In UPER Unaligned Packed Encoding Rules, asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious inp...

Security Bulletin: IBM App Connect Enterprise is vulnerable to Improper Encoding or Escaping of Output due to xmldom ( CVE-2021-32796 )

Summary IBM App Connect Enterprise is vulnerable to Improper Encoding or Escaping of Output due to xmldom. Vulnerability Details CVEID:CVE-2021-32796 DESCRIPTION: xmldom is an open source pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. xmldom versions...

CVE-2025-55398

CVE-2025-55398 affects the mouse07410 asn1c fork (through 0.9.29). In UPER decoding, asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits, potentially processing malformed input. Affected: decoders in this asn1c fork; impact is high (per CVSS...

CVE-2025-55398

An issue was discovered in mouse07410 asn1c thru 0.9.29 2025-03-20 - a fork of vlm asn1c. In UPER Unaligned Packed Encoding Rules, asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious inp...

CVE-2025-55398

An issue was discovered in mouse07410 asn1c thru 0.9.29 2025-03-20 - a fork of vlm asn1c. In UPER Unaligned Packed Encoding Rules, asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious inp...

PT-2025-34448 · Mouse07410 · Asn1C

Name of the Vulnerable Software and Affected Versions: mouse07410 asn1c versions through 0.9.29 Description: An issue was discovered in decoders generated by asn1c. When using UPER Unaligned Packed Encoding Rules, the decoders fail to enforce constraints on INTEGER values if the positive bound...

PT-2025-34254 · Unknown · Akaunting 3.1.18

Name of the Vulnerable Software and Affected Versions: Akaunting version 3.1.18 Description: A cross-site scripting XSS issue exists in the /common/reports component of the software. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the name parameter...

CVE-2025-4877

There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to sshgetfingerprinthash function. In such cases the bintobase64 function can experience an integer overflow leading to a memory under allocation, when that happens it's possibl...

Moderate: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Linux Distros Unpatched Vulnerability : CVE-2020-10688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when...