1026 matches found
AZL-58368 CVE-2025-2153 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SMdelete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is...
CVE-2025-2153
CVE-2025-2153 impacts HDF5 1.14.6, specifically the H5SM_delete function in H5SM.c of the h5 File Handler. The vulnerability is a heap-based buffer overflow that can be triggered remotely; exploitation is described as difficult and is publicly disclosed. Connected sources confirm this as a critic...
SUSE CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1846
A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to deni...
CVE-2025-1846 zj1983 zz File ZfileAction.java deleteLocalFile denial of service
A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to deni...
CVE-2025-1846
CVE-2025-1846 affects the zj1983 zz project (up to 2024-8). The flaw is in the File Handler: ZfileAction.java, function deleteLocalFile, where manipulation of the zids argument can cause a remote denial of service. The attack is remotely initiable and exploits have been disclosed publicly; the ve...
DEBIAN-CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
UBUNTU-CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816
FFmpeg-2025-1816 affects IAMF File Handler: audio_element_obu in libavformat/iamf_parse.c suffers a memory leak when num_parameters is manipulated. This enables remote initiation of an attack; the vulnerability has public disclosure. A patch is identified: 0526535cd58444dd264e810b2f3348b4d96cff3b...
CVE-2025-1816 FFmpeg IAMF File iamf_parse.c audio_element_obu memory leak
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816 FFmpeg IAMF File iamf_parse.c audio_element_obu memory leak
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
Arbitrary File Access
@graphql-mesh is vulnerable to Arbitrary File Access. The vulnerability is due to a missing validation check in the static file handler, which fails to restrict absolutePath to the designated staticFiles directory, allows attackers to access files outside the intended directory...
CVE-2025-1646 Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted upload
A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...
CVE-2025-27098 Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler in graphql-mesh
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. Missing check vulnerability in the static file handler allows any...
CVE-2025-27098 Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler in graphql-mesh
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. Missing check vulnerability in the static file handler allows any...
CVE-2025-27098
GraphQL Mesh exposes a path traversal vulnerability in its staticFiles handler. When serve.staticFiles is configured, the code path does not reliably constrain absolutePath to the staticFiles directory, allowing access to files outside the intended directory. Affects GraphQL Mesh and related CLI/...
graphql-mesh 路径遍历漏洞
graphql-mesh is an application by Arda TANRIKULU Individual Developer. A path traversal vulnerability exists in graphql-mesh, which stems from a lack of checks in the static file handler that could lead to arbitrary file reads and leak server data...