1019 matches found
DEBIAN-CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
UBUNTU-CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816
FFmpeg-2025-1816 affects IAMF File Handler: audio_element_obu in libavformat/iamf_parse.c suffers a memory leak when num_parameters is manipulated. This enables remote initiation of an attack; the vulnerability has public disclosure. A patch is identified: 0526535cd58444dd264e810b2f3348b4d96cff3b...
CVE-2025-1816 FFmpeg IAMF File iamf_parse.c audio_element_obu memory leak
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816 FFmpeg IAMF File iamf_parse.c audio_element_obu memory leak
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
CVE-2025-1816
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audioelementobu of the file libavformat/iamfparse.c of the component IAMF File Handler. The manipulation of the argument numparameters leads to memory leak...
Arbitrary File Access
@graphql-mesh is vulnerable to Arbitrary File Access. The vulnerability is due to a missing validation check in the static file handler, which fails to restrict absolutePath to the designated staticFiles directory, allows attackers to access files outside the intended directory...
CVE-2025-1646 Lumsoft ERP ASPX File UploadAjaxAPI.ashx unrestricted upload
A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.ashx of the component ASPX File Handler. The manipulation of the argument file leads to unrestricted upload. The attack m...
CVE-2025-27098 Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler in graphql-mesh
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. Missing check vulnerability in the static file handler allows any...
CVE-2025-27098
GraphQL Mesh exposes a path traversal vulnerability in its staticFiles handler. When serve.staticFiles is configured, the code path does not reliably constrain absolutePath to the staticFiles directory, allowing access to files outside the intended directory. Affects GraphQL Mesh and related CLI/...
CVE-2025-27098 Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler in graphql-mesh
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as MongoDB, MySQL, and PostgreSQL. Missing check vulnerability in the static file handler allows any...
graphql-mesh 路径遍历漏洞
graphql-mesh is an application by Arda TANRIKULU Individual Developer. A path traversal vulnerability exists in graphql-mesh, which stems from a lack of checks in the static file handler that could lead to arbitrary file reads and leak server data...
PT-2025-9210
Name of the Vulnerable Software and Affected Versions FFmpeg versions up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb Description A problematic vulnerability has been found in FFmpeg, affecting the function audio element obu of the file libavformat/iamf parse.c of the component IAMF File Handler...
OESA-2025-1024 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
OESA-2025-1023 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
OESA-2025-1022 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
OESA-2025-1021 curl security update
cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: A vulnerability has been found in cURL Network Utility Software and classified as problematic. Affected by this vulnerability is an unknown cod...
PT-2025-16200 · Assimp +2 · Assimp +2
Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp versions up to 5.4.3 Description: A critical issue has been found in the Open Asset Import Library Assimp, affecting the function aiString::Set in the library include/assimp/types.h of the component File...
CVE-2024-12900
A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attac...