CVE-2025-8837 JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free

A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...

CVE-2025-8837

CVE-2025-8837 affects JasPer up to 4.2.5, in the JPC decoder (jpc_dec_dump) of the JPEG2000 File Handler. The issue enables a use-after-free condition when processing malformed input, with local attack requirements and public exploit disclosure. Multiple connected advisories report a patch to upg...

CVE-2025-8837 JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free

A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...

Linux Distros Unpatched Vulnerability : CVE-2025-2581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM Fil...

CVE-2025-8753

A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be...

CVE-2025-8753 linlinjava litemall File delete path traversal

A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be...

CVE-2025-8753

CVE-2025-8753 affects linlinjava litemall up to version 1.8.0. The vulnerability resides in the File Handler’s delete function at /admin/storage/delete, where manipulation of the key parameter enables path traversal. The issue can be exploited remotely and the public exploit is disclosed. Affecte...

CVE-2012-10036

CVE-2012-10036 affects Project Pier

Security update for jbigkit

This update for jbigkit fixes the following issues: Updated to version 2.1: CVE-2022-1210: Fixed denial of service in TIFF File Handler bsc1198146 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

SUSE-SU-2025:20509-1 Security update for jbigkit

This update for jbigkit fixes the following issues: - Updated to version 2.1: CVE-2022-1210: Fixed denial of service in TIFF File Handler bsc1198146...

CVE-2025-7895

A vulnerability, which was classified as critical, was found in harry0703 MoneyPrinterTurbo up to 1.2.6. Affected is the function uploadbgmfile of the file app/controllers/v1/video.py of the component File Extension Handler. The manipulation of the argument File leads to unrestricted upload. It i...

CVE-2025-7884

A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack...

CVE-2025-7884

A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack...

CVE-2025-7884 Eluktronics Control Center REG File data authenticity

A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack...

CVE-2025-7884

CVE-2025-7884 affects Eluktronics Control Center 5.23.51.41, specifically the REG File Handler. The underlying issue is insufficient verification of data authenticity, allowing a local-host attack. Public disclosure exists, and vendor response is noted as lacking. NVD reports a HIGH impact across...

Eluktronics Control Center 数据伪造问题漏洞

Eluktronics Control Center is a control center software from Eluktronics Corporation. A data forgery issue vulnerability exists in Eluktronics Control Center version 5.23.51.41, which stems from insufficient validation of data authenticity in the REG File Handler component...

CVE-2025-7101

A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This affects an unknown part of the file /install/installok.php of the component Configuration File Handler. The manipulation of the argument dbpass leads to code injection. It is possible to initiate the atta...

CampCodes Payroll Management System 注入漏洞

CampCodes Payroll Management System is a payroll management system from CampCodes Philippines. An injection vulnerability exists in CampCodes Payroll Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter ID in file/ajax.php...

CVE-2025-7101

A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This affects an unknown part of the file /install/installok.php of the component Configuration File Handler. The manipulation of the argument dbpass leads to code injection. It is possible to initiate the atta...

CVE-2025-7101

A vulnerability was found in BoyunCMS up to 1.4.20. It has been classified as critical. This affects an unknown part of the file /install/installok.php of the component Configuration File Handler. The manipulation of the argument dbpass leads to code injection. It is possible to initiate the atta...