AZL-65076 CVE-2025-27613 affecting package git for versions less than 2.45.4-1
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled...
ALPINE-CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled...
DEBIAN-CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled...
CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled...
USN-7630-1 resteasy, resteasy3.0 vulnerabilities
It was discovered that RESTEasy made insufficient use of random values in asynchronous jobs. An attacker could possibly use this issue to steal user data. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-6345) It was discovered that RESTEasy enabled a vulnerable GZIP decompression module by...
CVE-2025-21433
Transient DOS when importing a PKCS8-encoded RSA private key with a zero-sized modulus...
CVE-2025-27055
Memory corruption during the image encoding process...
Cross-site Scripting (XSS)
Overview: suitable-django-autocomplete is a suitable Django autocomplete widget using web components. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the ModelAutocompleteView class due to insufficient output encoding in the autocomplete functionality. The...
cpp-httplib security vulnerability
cpp-httplib is an HTTP/HTTPS server and client library written in C++ by the individual developer yhirose. A security vulnerability exists in cpp-httplib versions prior to 0.23.0, which stems from a Transfer-Encoding: chunked header that could cause the server to run out of memory...
SUSE CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled...
UBUNTU-CVE-2025-27613
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option "Support per-file encoding" must have been enabled...
CVE-2025-7345
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
AZL-65034 CVE-2025-7345 affecting package gdk-pixbuf2 for versions less than 2.42.10-4
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
DEBIAN-CVE-2025-7345
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
UBUNTU-CVE-2025-7345
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
CVE-2025-7345
CVE-2025-7345 affects gdk-pixbuf2 (GNOME GdkPixbuf) and involves a heap buffer overflow in gdk_pixbuf__jpeg_image_load_increment (io-jpeg.c) and glib’s g_base64_encode_step (glib/gbase64.c) when handling crafted JPEGs. Connected advisories confirm the vulnerability can lead to out-of-bounds reads...
CVE-2025-7345 Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...