CLSA-2025-1758289801 Fix CVE(s): CVE-2025-53101

SECURITY UPDATE: stack overflow via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53101.patch: Fix image filename interpretation issue by adjusting the offset value - CVE-2025-53101...

GHSA-77WQ-646F-JRM2 Duplicate Advisory: The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36rr-ww3j-vrjv. This link is maintained to preserve external references. Original Description The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One c...

PYSEC-2025-123

The Keras Model.loadmodelmethod can be exploited to achieve arbitrary code execution, even with safemode=True.One can create a specially crafted .h5/.hdf5model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed.This is achieved by crafting a special .h5archi...

AZL-67505 CVE-2025-9905 affecting package keras for versions less than 3.3.3-4

The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...

DEBIAN-CVE-2025-9905

The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...

UBUNTU-CVE-2025-9905

The Keras Model.loadmodel method can be exploited to achieve arbitrary code execution, even with safemode=True. One can create a specially crafted .h5/.hdf5 model archive that, when loaded via Model.loadmodel, will trigger arbitrary code to be executed. This is achieved by crafting a special...

Memory Leakage

ImageMagick is vulnerable to Memory Leakage. The vulnerability is due to improper handling of format specifiers because multiple consecutive %d in a filename template within the magick stream command trigger memory leakage...

Stack-based Buffer Overflow

ImageMagick is vulnerable to stack-based buffer overflow. The vulnerability is due to improper pointer arithmetic when multiple consecutive %d format specifiers are used in the magick mogrify command filename template, which allows an attacker to trigger a stack overflow through vsnprintf...

CVE-2025-8276

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Patika Global Technologies HumanSuite allows...

CLSA-2025-1758195721 ImageMagick: Fix of 4 CVEs

CVE-2025-55154: fix integer overflows in MNG magnification - CVE-2025-55212: fix division by zero in ThumbnailImage - CVE-2025-57803: fix 32-bit integer overflow when writing BMP scanline stride - CVE-2025-55298: fix format string bug leading to RCE or heap overflow...

Ashlar-Vellum Cobalt 缓冲区错误漏洞

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. Ashlar-Vellum Cobalt suffers from an out-of-bounds read...

Ashlar-Vellum Graphite 安全漏洞

Ashlar-Vellum Graphite is a CAD modeling software from Ashlar-Vellum. A security vulnerability exists in Ashlar-Vellum Graphite that stems from memory not being properly initialized when parsing VC6 files, which could lead to remote code execution...

CVE-2025-8894

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVE-2025-8893

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

CVE-2025-8894

CVE-2025-8894 describes a heap-based overflow when parsing specially crafted PDF files in Autodesk products. The vulnerability affects Autodesk software that handles PDF parsing (e.g., Autodesk Revit and related components) and can lead to a crash, disclosure of sensitive data, or execution of ar...

CVE-2025-8276

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Patika Global Technologies HumanSuite allows...

CVE-2025-8276

CVE-2025-8276 affects Patika Global Technologies’ HumanSuite (prior to 53.21.0). The issue stems from improper encoding/escaping of output and insufficient neutralization of input in web page generation, enabling Cross-Site Scripting (XSS) and injection-style risks (including potential code/data ...

CVE-2025-8276 HTML Injection in Patika Global Technologies' HumanSuite

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Patika Global Technologies HumanSuite allows...

CVE-2025-8276 HTML Injection in Patika Global Technologies' HumanSuite

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting', Improper Encoding or Escaping of Output, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Patika Global Technologies HumanSuite allows...

CVE-2023-53295 udf: Do not update file length for failed writes to inline files

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...