
23055 matches found

CNNVD
added 2025/12/19 12:0 a.m., 3 views

Foxit PDF Reader Security Vulnerability

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader, caused by insufficient boundary checking in 3D annotation processing, which may result in memory corruption...

CVSS: 7.8, AI score: 6.4, EPSS: 0.00175
Exploits: 0, References: 1
Tenable Nessus
added 2025/12/19 12:0 a.m., 2 views

SUSE SLES16 Security Update : ImageMagick (SUSE-SU-2025:21211-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:21211-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). -...

CVSS: 9.8, AI score: 6.4, EPSS: 0.04098
Exploits: 6, References: 19
EUVD
added 2025/12/18 7:22 a.m., 3 views

EUVD-2025-204104

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection. This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through <= 6.3.1...

CVSS: 8.6, AI score: 6.5, EPSS: 0.00362
Exploits: 0, References: 2
CNNVD
added 2025/12/18 12:0 a.m., 6 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated (USA). A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when reading an unauthenticated corrupted ELF image...

CVSS: 9, AI score: 6.8, EPSS: 0.00101
Exploits: 0, References: 1
Positive Technologies
added 2025/12/18 12:0 a.m., 4 views

PT-2025-52390

Name of the Vulnerable Software and Affected Versions: NSF Unidata NetCDF-C (affected versions not specified). Description: A remote code execution issue exists in NSF Unidata NetCDF-C due to an integer overflow in the handling of NC Variables. This allows for potential code execution. Recommendations...

CVSS: 7.8, AI score: 8.2, EPSS: 0.0031
Exploits: 0, References: 8
Tenable Nessus
added 2025/12/18 12:0 a.m., 3 views

Mozilla Firefox < 32.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 32.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2014-69 advisory. - Apparent info leak caused by uninitialized memory with malformed GIFs (CVE-2014-1564) Note that Nessus has...

CVSS: 4.3, AI score: 7.6, EPSS: 0.05465
Exploits: 1, References: 2
Tenable Nessus
added 2025/12/18 12:0 a.m., 5 views

openSUSE 16 Security Update : ImageMagick (openSUSE-SU-2025:20162-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20162-1 advisory. - CVE-2025-62594: unsigned underflow and division-by-zero can lead to OOB pointer arithmetic and process crash (bsc#1252749). - CVE-2025-57807:...

CVSS: 9.8, AI score: 6.4, EPSS: 0.04098
Exploits: 6, References: 18
Tenable Nessus
added 2025/12/18 12:0 a.m., 6 views

EulerOS Virtualization 2.13.1 : libtiff (EulerOS-SA-2025-2550)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PSLvl2page of the fil...

CVSS: 7.8, AI score: 4.2, EPSS: 0.0026
Exploits: 3, References: 5
GitHub Security Blog
added 2025/12/17 9:30 p.m., 5 views

Mattermost fails to check Websocket request for proper UTF-8 format potentially crashing Calls plug-in

Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 10.11.6 fail to check WebSocket request field for proper UTF-8 format, which allows attacker to crash Calls plug-in via sending malformed request...

CVSS: 6.5, AI score: 7, EPSS: 0.0024
Exploits: 0, References: 4, Affected Software: 1
RedhatCVE
added 2025/12/17 9:27 a.m., 3 views

CVE-2025-8082

A flaw was found in Vuetify's VDatePicker component. This vulnerability allows unsanitized HTML to be inserted into the page, leading to a Cross-Site Scripting (XSS) attack via the 'title-date-format' property accepting a user-created function and assigning its output to the 'innerHTML' property...

CVSS: 6.3, AI score: 5.2, EPSS: 0.00163
Exploits: 0, References: 5
SUSE CVE
added 2025/12/17 12:24 a.m., 3 views

SUSE CVE-2025-68228

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix create_in_format_blob return value. create_in_format_blob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...

AI score: 6.5, EPSS: 0.00155
Exploits: 0, References: 3
CNNVD
added 2025/12/17 12:0 a.m., 3 views

nbconvert Code Issue Vulnerability

nbconvert is a format conversion library from Jupyter that converts Jupyter .ipynb notebook document files to other static formats, including HTML, LaTeX, PDF, Markdown, and more. A code issue vulnerability exists in nbconvert 7.16.6 and earlier versions that stems from improper handling whe...

CVSS: 8.5, AI score: 7, EPSS: 0.00233
Exploits: 1, References: 5
Positive Technologies
added 2025/12/17 12:0 a.m., 2 views

PT-2025-51852

Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 10.11.6 fail to check WebSocket request field for proper UTF-8 format, which allows attacker to crash Calls plug-in via sending malformed request...

CVSS: 6.5, AI score: 6.9, EPSS: 0.0024
Exploits: 0, References: 2
Zero Day Initiative
added 2025/12/17 12:0 a.m., 2 views

GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XCF files. The...

CVSS: 7.8, AI score: 7.2, EPSS: 0.00539
Exploits: 0, References: 1
Positive Technologies
added 2025/12/17 12:0 a.m., 2 views

PT-2025-51985

Name of the Vulnerable Software and Affected Versions: GIMP (affected versions not specified). Description: A flaw exists in the parsing of XCF files within GIMP, leading to a use-after-free condition. This allows remote attackers to potentially execute arbitrary code on affected systems. User...

CVSS: 7.8, AI score: 7.9, EPSS: 0.00544
Exploits: 1, References: 35
Tenable Nessus
added 2025/12/17 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/plane: Fix create_in_format_blob return value. create_in_format_blob is either supposed to return a valid pointer or an error, but never NULL. The caller will...

AI score: 5.8, EPSS: 0.00155
Exploits: 0, References: 3
Debian CVE
added 2025/12/16 9:32 p.m., 4 views

CVE-2025-53619

An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability. The function nullconvert is called based of...

CVSS: 9.1, AI score: 5.4, EPSS: 0.00232
Exploits: 0
OSV
added 2025/12/16 2:21 p.m., 4 views

CVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()

In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: restore write access before closing files opened by open_exec. bm_register_write opens an executable file using open_exec, which internally calls do_open_execat and denies write access on the file to avoid modification while...

AI score: 6.3, EPSS: 0.00164
Exploits: 0, References: 8
NVD
added 2025/12/16 2:15 p.m., 5 views

CVE-2025-68228

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix create_in_format_blob return value. create_in_format_blob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...

EPSS: 0.00155
Exploits: 0, References: 2
OSV
added 2025/12/16 2:15 p.m., 0 views

UBUNTU-CVE-2025-68228

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix create_in_format_blob return value. create_in_format_blob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...

AI score: 5.7, EPSS: 0.00155
Exploits: 0, References: 11