
23055 matches found

Cvelist
added 2025/12/22 9:35 p.m. | 21 views

CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

9.8 CVSS | 0.00617 EPSS
Exploits 2 | References 4

Vulnrichment
added 2025/12/22 9:35 p.m. | 2 views

CVE-2023-53966 SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows through maliciously crafted environment variables. Attackers can manipulate the username environment variable with format string payloads to potentially execute...

9.8 CVSS | 7.4 AI score | 0.00617 EPSS
Exploits 2 | References 4

CVE
added 2025/12/22 9:35 p.m. | 15 views

CVE-2023-53966

CVE-2023-53966 affects SOUND4 LinkAndShare Transmitter 1.1.2. It describes a format string vulnerability in getenv() usage where the attacker can manipulate the username environment variable to trigger memory stack overflows, potentially enabling arbitrary code execution and causing a crash. This...

9.8 CVSS | 7.4 AI score | 0.00617 EPSS
Exploits 2 | References 4 | Affected Software 1

EUVD
added 2025/12/22 9:30 p.m. | 5 views

EUVD-2025-204737

Umbraco CMS has an arbitrary file upload vulnerability...

10 CVSS | 6.7 AI score | 0.00504 EPSS
Exploits 0 | References 4

RedHat Linux
added 2025/12/22 12:43 a.m. | 4 views

hdf5: HDF5 heap-based overflow

A vulnerability was found in the H5Creconstructcacheentry function of the H5Cimage.c file in HDF5. Input manipulation can occur, which leads to a heap-based buffer overflow. Exploitation of this vulnerability requires local system access...

5.3 CVSS | 6 AI score | 0.00204 EPSS
Exploits 1 | References 10

Positive Technologies
added 2025/12/22 12:0 a.m. | 4 views

PT-2025-52674

Name of the Vulnerable Software and Affected Versions: Umbraco CMS version 16.3.3. Description: An arbitrary file upload issue exists in Umbraco CMS version 16.3.3. Attackers can potentially execute arbitrary code by uploading a specially crafted PDF file. The supplier disputes responsibility, stati...

10 CVSS | 7.4 AI score | 0.00504 EPSS
Exploits 0 | References 13

Packet Storm
added 2025/12/22 12:0 a.m. | 152 views

Adobe DNG SDK Linearize Out-Of-Bounds Read

A memory safety vulnerability exists in Adobe DNG SDK versions prior to 1.7.1.2410 that affects the Linearize image processing routine. When handling trimmed source images, the function erroneously performs operations using full image dimensions, resulting in an out‑of‑bounds read condition. This...

7.1 CVSS | 7.4 AI score | 0.00165 EPSS
Exploits 2

CNNVD
added 2025/12/22 12:0 a.m. | 2 views

Umbraco CMS Security Vulnerability

Umbraco CMS is a content management system from Umbraco, Denmark. A security vulnerability exists in Umbraco CMS version v16.3.3, which stems from the fact that uploading a specially crafted PDF file may result in the execution of arbitrary code...

10 CVSS | 6.8 AI score | 0.00504 EPSS
Exploits 0 | References 3

Positive Technologies
added 2025/12/22 12:0 a.m. | 5 views

PT-2025-52703

Name of the Vulnerable Software and Affected Versions: SOUND4 LinkAndShare Transmitter version 1.1.2. Description: SOUND4 LinkAndShare Transmitter version 1.1.2 contains a format string vulnerability. This allows attackers to trigger memory stack overflows through maliciously crafted environment...

9.8 CVSS | 7.4 AI score | 0.00617 EPSS
Exploits 2 | References 9

CNNVD
added 2025/12/22 12:0 a.m. | 3 views

Sharp NP series Security Vulnerability

The Sharp NP series is a series of large format commercial displays from Sharp Japan. A security vulnerability exists in Sharp NP series, which stems from the presence of a stack-based buffer overflow issue that could allow an attacker to execute arbitrary commands and programs...

9.5 CVSS | 7.7 AI score | 0.00276 EPSS
Exploits 0 | References 2

OSV
added 2025/12/20 12:14 p.m. | 9 views

CLSA-2025-1766232861 delve: Fix of CVE-2025-58183

rebuild with golang 1.25.3-1 to fix CVE-2025-58183 fix unbounded memory consumption when reading GNU pax 1.0 sparse files - fix failing tests for golang 1.25...

4.3 CVSS | 5.8 AI score | 0.00382 EPSS
Exploits 0 | References 1

Fedora
added 2025/12/20 1:23 a.m. | 7 views

[SECURITY] Fedora 42 Update: fonttools-4.61.0-1.fc42

fontTools is a library for manipulating fonts, written in Python. The project includes the TTX tool, that can convert TrueType and OpenType fonts to and from an XML text format, which is also called TTX. It supports TrueType, OpenType, AFM and to an extent Type 1 and some Mac-specific formats...

9.8 CVSS | 7 AI score | 0.00487 EPSS
Exploits 9

SUSE CVE
added 2025/12/20 12:25 a.m. | 4 views

SUSE CVE-2025-68469

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

4 CVSS | 6.8 AI score | 0.00178 EPSS
Exploits 1 | References 5

RedhatCVE
added 2025/12/19 7:32 a.m. | 3 views

CVE-2025-60081

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Contact Form 7 pdf-for-contact-form-7 allows Object Injection. This issue affects PDF for Contact Form 7: from n/a through = 6.5.0...

8.8 CVSS | 5.9 AI score | 0.00355 EPSS
Exploits 0 | References 1

OSV
added 2025/12/19 7:16 a.m. | 2 views

CVE-2025-66494

A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code...

7.8 CVSS | 6 AI score | 0.00255 EPSS
Exploits 0 | References 1

NVD
added 2025/12/19 7:16 a.m. | 5 views

CVE-2025-66498

A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing U3D data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruptio...

7.8 CVSS | 0.00175 EPSS
Exploits 0 | References 1

CVE
added 2025/12/19 7:10 a.m. | 10 views

CVE-2025-66496

CVE-2025-66496 is a memory corruption issue in Foxit PDF Reader’s 3D annotation handling due to insufficient bounds checking when parsing PRC data, leading to out-of-bounds access. The connected advisory notes Foxit fixed multiple vulnerabilities in Foxit PDF Reader, including memory corruption a...

7.8 CVSS | 6.6 AI score | 0.00175 EPSS
Exploits 0 | References 1 | Affected Software 2

CNNVD
added 2025/12/19 12:0 a.m. | 3 views

Foxit PDF Reader Security Vulnerability

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader versions prior to 2025.2.1, prior to 14.0.1, and prior to 13.2.1, which stems from a use-after-free vulnerability in the parsing of PDF files that could lead to the execution o...

7.8 CVSS | 6.6 AI score | 0.00255 EPSS
Exploits 0 | References 2

Positive Technologies
added 2025/12/19 12:0 a.m. | 3 views

PT-2025-52424

A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruptio...

5.3 CVSS | 6.9 AI score | 0.00175 EPSS
Exploits 0 | References 2

Positive Technologies
added 2025/12/19 12:0 a.m. | 4 views

PT-2025-52422

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 2025.2.1; Foxit PDF Reader versions prior to 14.0.1; Foxit PDF Reader versions prior to 13.2.1. Description: A use-after-free issue exists in the way Foxit PDF Reader processes PDF files. Specifically, a PDF obje...

7.8 CVSS | 7.2 AI score | 0.00255 EPSS
Exploits 0 | References 8