Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50400)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
SUSE SLES15 Security Update : python-Jinja2 (SUSE-SU-2025:1004-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1004-2 advisory. - CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879 Tenable has extracted the preceding...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50403)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
EUVD-2025-202767
An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50399)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50402)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50401)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50397)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50396)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QT...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991135)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991135 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for formatcount earlier While the check for formatcount 64 in...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50398)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
CVE-2025-66628
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file...
CVE-2020-36894 Eibiz i-Media Server Digital Signage 3.8.0 Unauthenticated User Creation Vulnerability
Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through AMF-encoded object manipulation. Attackers can send crafted serialized objects to the /messagebroker/amf endpoint to create administrative...
Exploit for CVE-2025-57459
CVE-2025-57459 Des: Stored XS...
CVE-2025-65815
A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory traversal...
GHSA-6HJR-V6G4-3FM8 ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only)
Summary: The TIM (PSX TIM) image parser in ImageMagick contains a critical integer overflow vulnerability in the ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file header and calculates imagesize = 2 * width * height without checking for overflow. On 32-bit...
ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only)
Summary: The TIM (PSX TIM) image parser in ImageMagick contains a critical integer overflow vulnerability in the ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file header and calculates imagesize = 2 * width * height without checking for overflow. On 32-bit...
Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2025:1004-2 Security update for python-Jinja2
This update for python-Jinja2 fixes the following issues: - CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879...
EUVD-2025-202375
Malicious code in rum-events-format npm...