openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807:...

OPENSUSE-SU-2025:20162-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash bsc1252749. - CVE-2025-57807: BlobStream Forward-Seek Under-Allocation bsc1249362. - CVE-2025-62171: incomplete fix for integer...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50402)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50403)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50397)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50399)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50400)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50398)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50401)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...

Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50396)

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QT...

CLSA-2025-1765310613 python-jinja2: Fix of CVE-2024-56326

CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template...

CLSA-2025-1765287413 python-jinja2: Fix of CVE-2024-56326

CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template...

crackme-project

Crackme - Binary Exploitation Challenge Projektbeschreibun...

CVE-2025-11780

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

CVE-2025-52666

Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error...

CVE-2025-60686

ToToLink routers (A720R V4.1.5cu.614_B20230630; LR1200GB V9.1.0u.6619_B20230130; NR1800X V9.1.0u.6681_B20230703) contain a local stack-based buffer overflow in infostat.cgi and cstecgi.cgi. Both binaries parse /proc/net/arp using sscanf() with the %s specifier into fixed-size stack buffers withou...

Astra Linux - уязвимость в tcl8.6

In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding...

mmc: core: use sysfs_emit() instead of sprintf()

...

CVE-2025-48826

A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability...

CVE-2025-48826

A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to memory corruption. An attacker can send a series of HTTP requests to trigger this vulnerability...