
1595 matches found

RedHat Linux
added 2025/05/07 9:46 a.m. · 7 views

Moderate: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8 CVSS · 6.9 AI score · 0.04367 EPSS
Exploits 1 · References 2
OSV
added 2025/05/07 12:0 a.m. · 8 views

ALSA-2025:4658 Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service (CVE-2017-17095). For more details about the security issues, including the impact, a CVSS...

8.8 CVSS · 7.1 AI score · 0.04367 EPSS
Exploits 1 · References 4
AlmaLinux
added 2025/05/07 12:0 a.m. · 13 views

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service (CVE-2017-17095). For more details about the security issues, including the impact, a CVSS...

8.8 CVSS · 8.9 AI score · 0.04367 EPSS
Exploits 1 · References 4
OSV
added 2025/05/06 10:57 a.m. · 1 views

SUSE-SU-2025:1489-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-43965: mishandling of image depth after SetQuantumFormat is used in MIFF image processing. bsc1241659...

7.5 CVSS · 5.8 AI score · 0.0007 EPSS
Exploits 0 · References 3
GithubExploit
added 2025/04/25 3:45 a.m. · 236 views

Exploit for Code Injection in Foxcms

CVE-2025-29306 - FoxCMS Remote Code Execution Exploit !Pytho...

9.8 CVSS · 10 AI score · 0.86208 EPSS
Exploits 11
OSV
added 2025/04/23 5:16 p.m. · 0 views

CVE-2025-1047

Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must...

7.8 CVSS · 7.6 AI score · 0.00381 EPSS
Exploits 0 · References 2
OSV
added 2025/04/23 5:16 p.m. · 0 views

CVE-2025-1046

Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...

7.8 CVSS · 6.3 AI score
Exploits 0 · References 2
Snyk
added 2025/04/23 3:47 p.m. · 1 views

Incorrect Calculation of Buffer Size

Overview: Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size due to mishandling of image depth after SetQuantumFormat is used. An attacker can manipulate the image processing results by submitting a specially crafted MIFF file. Remediation: A fix was pushed int...

7.5 CVSS · 6.9 AI score · 0.0007 EPSS
Exploits 0 · References 2
OSV
added 2025/04/23 3:16 p.m. · 0 views

UBUNTU-CVE-2025-46393

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...

5.3 CVSS · 5.9 AI score · 0.00063 EPSS
Exploits 0 · References 4
CNNVD
added 2025/04/08 12:0 a.m. · 1 views

Adobe Photoshop Security Vulnerability

Adobe Photoshop is a set of image processing software from the American company Adobe. The software is mainly used for processing pictures. A heap buffer overflow vulnerability exists in Adobe Photoshop Desktops. The vulnerability is due to a failure to perform strict checksums on memory...

7.8 CVSS · 8 AI score · 0.00093 EPSS
Exploits 0 · References 2
Fedora
added 2025/03/28 12:21 a.m. · 9 views

[SECURITY] Fedora 42 Update: augeas-1.14.2-0.4.20250324git4dffa3d.fc42

A library for programmatically editing configuration files. Augeas parses configuration files into a tree structure, which it exposes through its public API. Changes made through the API are written back to the initially read files. The transformation works very hard to preserve comments and...

4.8 CVSS · 7.2 AI score · 0.00031 EPSS
Exploits 1
Snyk
added 2025/03/20 10:48 a.m. · 1 views

Division by zero

Overview: Affected versions of this package are vulnerable to Division by zero when handling an invalid unknown.blockcount type in a Modelfile. An attacker can cause the application to crash by importing a malicious GGUF. Remediation: Upgrade github.com/ollama/ollama/llm to version 0.6.3-rc1 or...

8.7 CVSS · 6.9 AI score · 0.00066 EPSS
Exploits 1 · References 2
Snyk
added 2025/03/14 7:56 p.m. · 1 views

Deserialization of Untrusted Data

Overview: qiskit-terra is software for developing quantum computing programs. Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the qiskit.qpy.load function. An attacker can execute arbitrary code by crafting a malicious QPY file and loading it via this...

9.8 CVSS · 7.8 AI score · 0.00168 EPSS
Exploits 0 · References 2
ATTACKERKB
added 2025/03/14 1:15 p.m. · 0 views

CVE-2025-2000

A maliciously crafted QPY file can potentially execute arbitrary code embedded in the payload without privilege escalation when deserialising QPY formats 13. A python process calling Qiskit 0.18.0 through 1.4.1's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded...

9.8 CVSS · 6 AI score · 0.00168 EPSS
Exploits 0 · References 2 · Affected Software 1
Tenable Nessus
added 2025/03/05 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2022-46292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master...

9.8 CVSS · 7.5 AI score · 0.0022 EPSS
Exploits 1 · References 3
Tenable Nessus
added 2025/03/05 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2022-46293

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master...

9.8 CVSS · 7.5 AI score · 0.0024 EPSS
Exploits 1 · References 3
Positive Technologies
added 2025/02/26 12:0 a.m. · 2 views

PT-2025-19688 · Git +1 · Libredwg

Name of the Vulnerable Software and Affected Versions: libdwg (affected versions not specified). Description: The software is susceptible to an index-out-of-bounds issue discovered through OSS-Fuzz testing. The crash occurs during the processing of .dwg files, specifically within the dwg decode eed,...

6.9 AI score
Exploits 0 · References 2
Fedora
added 2025/02/15 2:37 a.m. · 9 views

[SECURITY] Fedora 41 Update: libheif-1.19.5-3.fc41

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF (AV1 Image File Format) file format decoder and encoder...

8.1 CVSS · 7 AI score · 0.00197 EPSS
Exploits 1
Fedora
added 2025/02/15 2:23 a.m. · 5 views

[SECURITY] Fedora 40 Update: libheif-1.19.5-3.fc40

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF (AV1 Image File Format) file format decoder and encoder...

8.1 CVSS · 7 AI score · 0.00197 EPSS
Exploits 1
CNNVD
added 2025/02/12 12:0 a.m. · 1 views

OpenSearch Dashboards Reports Security Vulnerability

OpenSearch Dashboards Reports is an OpenSearch open source application. It is used to export and automate PNG, PDF and CSV reports in OpenSearch Dashboard. A security vulnerability exists in OpenSearch Dashboards Reports version 2.19, which stems from the Dashboards Reports module containing a...

6.4 CVSS · 7 AI score · 0.04666 EPSS
Exploits 2 · References 7