11271 matches found
CVE-2025-52456
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...
CVE-2025-50129
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .tga file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
CVE-2025-46407
The CVE-2025-46407 entry concerns a memory corruption vulnerability in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. The root cause is an integer overflow while reading the palette from a specially crafted BMP file, which can overflow a heap-based buffer. Thi...
CVE-2025-32468
CVE-2025-32468: A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp, an integer overflow occurs during stride calculation, leading to a heap-based buffer overflow during decoding and p...
CVE-2025-35984
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
CVE-2025-53510
A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .psd file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffe...
CVE-2025-53085
A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .psd file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
CVE-2025-52456
The CVE-2025-52456 entry describes a memory corruption in the WebP decoding path of the SAIL Image Decoding Library v0.9.8. Specifically, an integer overflow during stride calculation in the WebP animation decoding can overflow a heap buffer, enabling remote code execution when a crafted file is ...
CVE-2025-8562
CVE-2025-8562 refers to a path traversal vulnerability in the WordPress plugin Custom Query Shortcode (versions
PerfreeBlog security vulnerability
PerfreeBlog is an open-source, Java-based blog/CMS site-building platform. PerfreeBlog v4.0.11 has a security vulnerability that stems from an arbitrary file read problem in the getThemeFileContent function...
CVE-2025-29421
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function...
Linux Distros Unpatched Vulnerability : CVE-2016-10187
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The E-book viewer in calibre before 2.75 allows remote attackers to read arbitrary files via a crafted epub file with JavaScript. CVE-2016-10187 Note that Nessu...
CVE-2025-29421
CVE-2025-29421 affects PerfreeBlog v4.0.11 and describes an arbitrary file-read vulnerability in the getThemeFileContent function. The CVE reports a network-based, low-complexity issue with no privileges required and no user interaction, resulting in high confidentiality impact and no integrity/a...
Linux Distros Unpatched Vulnerability : CVE-2018-10472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users in certain configurations to read arbitrary dom0 files via QMP live insertion of a...
PT-2025-34622 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the WebP Image Decoding functionality. Loading a specially crafted .webp animation can cause an integer overflow when calculating the stride for...
PT-2025-34625 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the BMPv3 RLE Decoding functionality. A heap-based buffer overflow can occur when decompressing image data from a specially crafted .bmp file,...
PT-2025-34682 · Unknown · Perfreeblog
Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11 Description: PerfreeBlog version 4.0.11 contains an arbitrary file read vulnerability within the getThemeFileContent function. Recommendations: At the moment, there is no information about a newer version that...