CVE-2025-27055 Buffer Over-read in Camera

Memory corruption during the image encoding process...

CVE-2025-27055

CVE-2025-27055 describes memory corruption during the image encoding process in Qualcomm chipsets. The vulnerability affects the image encoding path (specific product/component not explicitly named beyond chipset family) and is characterized by a high impact on confidentiality, integrity, and ava...

CVE-2025-27055 Buffer Over-read in Camera

Memory corruption during the image encoding process...

CVE-2025-21433

CVE-2025-21433 affects Qualcomm closed‑source components. The issue is a transient denial-of-service that occurs when importing a PKCS#8-encoded RSA private key with a zero-sized modulus. Root cause is a zero-sized modulus handling in the affected component(s); impact is Denial of Service (availa...

PT-2025-28458 · Gnome +6 · Glib +7

Name of the Vulnerable Software and Affected Versions: gdk-pixbuf affected versions not specified glib affected versions not specified Description: A flaw exists in gdk-pixbuf and glib, specifically in the gdk pixbuf jpeg image load increment function and g base64 encode step, respectively. When...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs during image encoding...

base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.

A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding...

base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.

A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding...

base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.

A flaw was found in base-x. This vulnerability allows attackers to generate addresses that appear legitimate, tricking users into sending money to them instead of the intended ones. The problem arises from the way base-x compresses leading zeros in addresses via manipulation of the base encoding...

CVE-2025-34061 PHPStudy 2016-2018 Backdoor Remote Code Execution Vulnerability

A backdoor in PHPStudy versions 2016 through 2018 allows unauthenticated remote attackers to execute arbitrary PHP code on affected installations. The backdoor listens for base64-encoded PHP payloads in the Accept-Charset HTTP header of incoming requests, decodes and executes the payload without...

CVE-2025-34061

Summary of CVE-2025-34061 (PHPStudy backdoor RCE) : A backdoor in PHPStudy versions 2016–2018 allows unauthenticated remote code execution by decoding and executing base64-encoded PHP payloads sent in the Accept-Charset HTTP header, running as the web server user. This is triggered by requests co...

CVE-2025-1709

Several credentials for the local PostgreSQL database are stored in plain text partially base64 encoded...

CVE-2025-1709

Several credentials for the local PostgreSQL database are stored in plain text partially base64 encoded...

CVE-2025-1709

CVE-2025-1709 concerns Endress+Hauser MEAC300-FNADE4: information disclosure caused by local PostgreSQL credentials stored in plaintext (partially base64 encoded). Several connected sources reiterate that credentials are exposed, impacting confidentiality. Root cause: credentials stored in plaint...

CVE-2025-48379 Pillow Vulnerable to Write Buffer Overflow on BCn encoding

Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large 64k encoded with default settings image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save...

PT-2025-35964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the pNFS block/scsi layout implementation. The issue arises from a dereference of uninitialized pointers within the ext tree free commitdata function...

The vulnerability of Mozilla Firefox and Firefox ESR browsers relates to improper encoding or filtering of output data. This allows attackers to bypass existing security restrictions and redirect users to another website.

The vulnerability of Mozilla Firefox and Firefox ESR browsers is related to improper encoding or evasion of output data during the processing of the embed tag. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and redirect users to another website...

HDF5 安全漏洞

HDF5 is a data management suite developed by The HDF Group for storing and managing large-scale scientific data. A buffer overflow vulnerability exists in HDF5 1.14.6 and earlier versions, which stems from improper handling of the H5Ofsinfoencode function in the /src/H5Ofsinfo.c file. An attacker...

OESA-2025-1699 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

OESA-2025-1700 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...