CVE-2023-53295

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails or happens only partly, we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline...

SUSE-SU-2025:20717-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - Update vendored crate slab to version 0.4.11 CVE-2025-55159: Fixed incorrect bounds check in getdisjointmut function leading to undefined behavior or potential crash due to out-of-bounds access bsc1248006 - Update to version 0.2.8+12:...

Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update vendored crate slab to version 0.4.11 CVE-2025-55159: Fixed incorrect bounds check in getdisjointmut function leading to undefined behavior or potential crash due to out-of-bounds access bsc1248006 Update to version 0.2.8+12:...

Autodesk Revit 安全漏洞

Autodesk Revit is a suite of building information modeling software from the American company Autodesk. A security vulnerability exists in Autodesk Revit that originates from a heap buffer overflow when parsing specially crafted PDF files, which could lead to a crash, read sensitive data, or...

Autodesk Revit 安全漏洞

Autodesk Revit is a suite of building information modeling software from the American company Autodesk. A security vulnerability exists in Autodesk Revit that originates from an out-of-bounds write when parsing a specially crafted PDF file, which could result in a crash, data corruption, or the...

PT-2025-37900

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel where the file length of an inline file was incorrectly updated even when a write operation failed or only partially succeeded. This occurred because...

DEBIAN-CVE-2023-53165

In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. The only practical...

CVE-2023-53165 udf: Fix uninitialized array access for some pathnames

In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. The only practical...

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in...

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2025-1182)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1182 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the...

PocCollect

This repository is an offensive tool for vulnerability scanning and exploitation, specifically targeting various web applications and services. The primary vulnerability class targeted is SQL injection, with specific examples of exploits for Struts2, 08CMS, and ASPCMS. The tool is written in Pyth...

exploit_me

This is a vulnerable ARM/AARCH64 application, specifically designed for a CTF Capture The Flag style exploitation tutorial. The application is written in C and is intended to demonstrate various types of vulnerabilities, including integer overflow, stack overflow, array overflow, off-by-one, stac...

linux-exploit-development-tutorial

This is a Linux exploit development tutorial for beginners. The repository contains a series of chapters on various topics, including basic knowledge, stack security, heap security, and kernel security. The first chapter covers basic knowledge, including format string vulnerabilities, integer...

Zeratool

This repository, Zeratool, is an automatic exploit generation tool for exploitable CTF Capture The Flag problems. It uses the angr concolic analysis engine to analyze binaries and identify vulnerabilities, and then weaponizes these vulnerabilities for remote code execution through pwntools. The...

UBUNTU-CVE-2025-39787

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...

vxscan

VXScan+ VXScan+ is an advanced Python-based web vulnerabili...

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-55004: Fixed heap buffer over-read in in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077...

imagemagick: ImageMagick: integer overflows in MNG magnification

An integer overflow flaw has been discovered in ImageMagick. The magnified size calculations in ReadOneMNGIMage in coders/png.c are unsafe and can overflow, leading to memory corruption...

SUSE SLES12: ImageMagick-config-6-SUSE / ImageMagick-config-6-upstream / etc (SUSE-SU-2025:03150-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03150-1 advisory. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. - CVE-2025-55154: Fixed integer overfl...

[SECURITY] [DLA 4297-1] imagemagick security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4297-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 10, 2025 https://wiki.debian.org/LTS -...