23089 matches found
CVE-2025-54491
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. This...
CVE-2025-54483
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. This...
CVE-2025-53557
A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
Vulnerabilities fixed in Foxit Reader
Foxit has fixed vulnerabilities in Foxit Reader specific to version 2025.1.0.27937. The vulnerabilities are in the way Foxit Reader handles PDF files. Malicious parties can exploit these vulnerabilities by tricking users into opening a malicious PDF file or visiting a malicious website, which can...
Denial Of Service (DoS)
setasign/fpdi is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of user-supplied PDF files, which allows an attacker to upload a crafted malicious PDF that leads to memory exhaustion and server crash...
PT-2025-34626 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PSD RLE Decoding functionality. Decompressing image data from a crafted .psd file can lead to a heap-based buffer overflow, potentially allowing fo...
SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2216 SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-32468 SUMMARY A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...
SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2217 SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-35984 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...
SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2218 SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53510 SUMMARY A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...
The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2233 The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52581 SUMMARY An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project...
Linux Distros Unpatched Vulnerability : CVE-2017-7383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a...
Linux Distros Unpatched Vulnerability : CVE-2017-9996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before...
Linux Distros Unpatched Vulnerability : CVE-2019-5057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2_image 2.0.4. A specially crafted PCX image can cause a heap...
Linux Distros Unpatched Vulnerability : CVE-2015-8106
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format stri...
Linux Distros Unpatched Vulnerability : CVE-2019-5058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap...
Linux Distros Unpatched Vulnerability : CVE-2019-14296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have...
CVE-2025-9394 PoDoFo PDF Dictionary PdfTokenizer.cpp DetermineDataType use after free
A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host...
PT-2025-34570 · Podofo +1 · Podofo +1
Name of the Vulnerable Software and Affected Versions: PoDoFo version 1.1.0-dev Description: A flaw has been identified in the PDF Dictionary Parser component of PoDoFo. The issue resides within the PdfTokenizer::DetermineDataType function in the file src/podofo/main/PdfTokenizer.cpp. Manipulatio...
Linux Distros Unpatched Vulnerability : CVE-2014-6262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execut...