CVE-2025-61837 Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-61837

CVE-2025-61837 affects Adobe Format Plugins. Multiple connected sources confirm a heap-based buffer overflow in Format Plugins versions 1.1.1 and earlier, enabling arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a crafted file). The iss...

CVE-2025-61838

Format Plugins versions 1.1.1 and earlier are affected by a heap-based buffer overflow that could lead to arbitrary code execution in the current user’s context. Exploitation requires user interaction (victim opens a malicious file). Affected product/component: Adobe Format Plugins. The issue is ...

CVE-2025-61841 Format Plugins | Out-of-bounds Read (CWE-125)

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive memory information. Exploitation of this issue requires user interaction in that a victim must open a...

CVE-2025-61841

Adobe Format Plugins (versions ≤ 1.1.1) are affected by an Out-of-bounds Read vulnerability leading to memory exposure. Exploitation requires user interaction (victim opens a malicious file). Affected component/file: the Format Plugins; root cause is an out-of-bounds read. Impact: potential memor...

CVE-2025-61842 Format Plugins | Use After Free (CWE-416)

Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-61842 Format Plugins | Use After Free (CWE-416)

Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-61842

Adobe Format Plugins (versions 1.1.1 and earlier) are affected by a Use-After-Free vulnerability that can lead to memory exposure and information disclosure. The issue requires user interaction (victim opens a malicious file). Connected sources confirm the affected component and impact; remediati...

CVE-2025-61844

The CVE-2025-61844 entry concerns Adobe Format Plugins (versions 1.1.1 and earlier). The issue is an Out-of-bounds Read that could disclose memory contents. Attack scenario requires user interaction: a victim must open a malicious file. Impact is memory exposure with potential sensitive data disc...

CVE-2025-61844 Format Plugins | Out-of-bounds Read (CWE-125)

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim...

CVE-2025-61844 Format Plugins | Out-of-bounds Read (CWE-125)

Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim...

libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64 API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB...

RLSA-2025:20034 Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

libtiff security update

An update is available for libtiff. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...

kernel: usbnet: ipheth: use static NDP16 location in URB

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: use static NDP16 location in URB Original code allowed for the start of NDP16 to be anywhere within the URB based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, so it was possible f...

CVE-2025-4645

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...

MAL-2025-85618 Malicious code in fitri-lupis6-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f5296ac4596ca6cf80273e93cbc6b28523959939e18ad51877f5216e66d252d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-77496 Malicious code in dewanto-donat12-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3e11133101c41868495c3aa81963be0ec8784d42294333a0b5f52bffb6209e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Adobe Format Plugins 缓冲区错误漏洞

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause the disclosure of sensitive information in memory...

Adobe Format Plugins 缓冲区错误漏洞

Adobe Format Plugins is a format plug-in from the American company Audobee Adobe. Adobe Format Plugins suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to disclose sensitive information stored in memory...