Lucene search

23090 matches found

Cvelist
added 2025/08/13 8:33 p.m. · 11 views

CVE-2012-10055 ComSndFTP v1.3.7 Beta USER Format String RCE

ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory, specifically WSACleanup from Ws2_32.dll...

9.3 CVSS · 0.01993 EPSS
Exploits 0 · References 5
SUSE Linux
added 2025/08/13 11:51 a.m. · 2 views

Security update for python3

This update for python3 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively...

7.1 CVSS · 6.9 AI score · 0.00611 EPSS
Exploits 0 · References 4
Veracode
added 2025/08/13 7:37 a.m. · 7 views

Denial of Service (DoS)

SixLabors.ImageSharp is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of malformed GIF comment extension blocks due to a missing block terminator, causing the GIF decoder to enter an infinite loop when processing specially crafted files...

5.3 CVSS · 7 AI score · 0.00362 EPSS
Exploits 0 · References 6 · Affected Software 1
Packet Storm News
added 2025/08/13 12:0 a.m. · 3 views

CISA: FY 2025 State and Local Cybersecurity Grant Program FAQs

Congress established the State and Local Cybersecurity Grant Program (SLCGP) to "award grants to eligible entities to address cybersecurity risks and cybersecurity threats to information systems owned or operated by, or on behalf of, state, local, or Tribal governments." Within the U.S. Department ...

6.8 AI score
Exploits 0
CNNVD
added 2025/08/13 12:0 a.m. · 2 views

Lattice Semiconductor ispVM System Security Vulnerability

Lattice Semiconductor ispVM System is a programming and debugging software toolset from Lattice Semiconductor, USA. A security vulnerability exists in Lattice Semiconductor ispVM System version 18.0.2, which originates from a buffer overflow when processing .xcf files and could lead to the...

8.4 CVSS · 7.3 AI score · 0.00398 EPSS
Exploits 0 · References 6
CNNVD
added 2025/08/13 12:0 a.m. · 2 views

ComSndFTP FTP Server Security Vulnerability

ComSndFTP FTP Server is an FTP server software from ComSndFTP, Inc. A security vulnerability exists in ComSndFTP FTP Server version 1.3.7 Beta that stems from a format string vulnerability in the handling of the USER command, which could lead to the execution of arbitrary code...

9.3 CVSS · 6.9 AI score · 0.01993 EPSS
Exploits 0 · References 6
Positive Technologies
added 2025/08/13 12:0 a.m. · 3 views

PT-2025-32988 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2025.1.0.27937. Description: A memory corruption issue exists due to the use of an uninitialized pointer. A specially crafted JavaScript code within a malicious PDF document can trigger this issue, potentially leading to...

8.8 CVSS · 6.9 AI score · 0.00544 EPSS
Exploits 1 · References 6
Positive Technologies
added 2025/08/13 12:0 a.m. · 5 views

PT-2025-33090 · Unknown +1 · Comsndftp Ftp Server +1

Name of the Vulnerable Software and Affected Versions: ComSndFTP FTP Server version 1.3.7 Beta Description: ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. Sending a specially crafted username with format specifiers allows a remo...

9.3 CVSS · 7.5 AI score · 0.01993 EPSS
Exploits 0 · References 8
Talos
added 2025/08/13 12:0 a.m. · 3 views

Foxit Reader Signature Uninitialized Pointer Vulnerability

Talos Vulnerability Report TALOS-2025-2202 Foxit Reader Signature Uninitialized Pointer Vulnerability August 13, 2025 CVE Number CVE-2025-32451 SUMMARY A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascrip...

8.8 CVSS · 7 AI score · 0.00544 EPSS
Exploits 1
Positive Technologies
added 2025/08/13 12:0 a.m. · 5 views

PT-2025-33079 · Unknown · Quickshare File Server

Name of the Vulnerable Software and Affected Versions: QuickShare File Server version 1.2.1 Description: QuickShare File Server version 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this fla...

9.4 CVSS · 7.5 AI score · 0.01485 EPSS
Exploits 0 · References 9
Packet Storm News
added 2025/08/13 12:0 a.m. · 2 views

Incorporating Taxonomies of Cyber Incidents into Detection Networks for Improved Detection Performance

Many taxonomies exist to organize cybercrime incidents into ontological categories. We examine some of the taxonomies introduced in the literature; providing a framework, and analysis, of how best to leverage different taxonomy structures to optimize performance of detections targeting various...

6.8 AI score
Exploits 0
Tenable Nessus
added 2025/08/13 12:0 a.m. · 2 views

SUSE SLES12 Security Update : tiff (SUSE-SU-2025:02771-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02771-1 advisory. - CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108) - CVE-2025-8177: Fixed possible buffer overflow in...

7.8 CVSS · 6.7 AI score · 0.00271 EPSS
Exploits 2 · References 7
Tenable Nessus
added 2025/08/13 12:0 a.m. · 9 views

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1993)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: RDMA/core: Silence oversized kvmalloc warning (CVE-2025-37867); igb: revert rtnl_lock that causes deadlock (CVE-2023-53060); bnxt_en: Avoid order-5 memory...

7.8 CVSS · 7.3 AI score · 0.00279 EPSS
Exploits 0 · References 86
Tenable Nessus
added 2025/08/13 12:0 a.m. · 6 views

SUSE SLED15: libpython3_13-1_0 / python313 / python313-base / python313-curses / etc (SUSE-SU-2025:02767-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02767-1 advisory. - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). -...

7.5 CVSS · 6.7 AI score · 0.00611 EPSS
Exploits 1 · References 12
Lenovo
added 2025/08/12 8:46 p.m. · 5 views

Intel Local Manageability Service Advisory - Lenovo Support US

No description provided...

7.3 AI score
Exploits 0
OSV
added 2025/08/12 1:50 p.m. · 0 views

SUSE-SU-2025:02770-1 Security update for tiff

This update for tiff fixes the following issues: - Updated TIFFMergeFieldInfo with readcount=writecount=0 for FIELDIGNORE (bsc#1243503) - CVE-2025-8176: Fixed heap use-after-free in tools/tiffmedian.c (bsc#1247108) - CVE-2025-8177: Fixed possible buffer overflow in tools/thumbnail.c:setrow when...

7.8 CVSS · 6.3 AI score · 0.00271 EPSS
Exploits 2 · References 6
Packet Storm News
added 2025/08/12 12:0 a.m. · 3 views

Securing Educational LLMs: a Generalised Taxonomy of Attacks on LLMs and DREAD Risk Assessment

Due to perceptions of efficiency and significant productivity gains, various organisations, including in education, are adopting Large Language Models (LLMs) into their workflows. Educator-facing, learner-facing, and institution-facing LLMs, collectively, Educational Large Language Models (eLLMs),...

7 AI score
Exploits 0
Packet Storm News
added 2025/08/12 12:0 a.m. · 2 views

Image Selective Encryption Analysis Using Mutual Information in CNN Based Embedding Space

As digital data transmission continues to scale, concerns about privacy grow increasingly urgent - yet privacy remains a socially constructed and ambiguously defined concept, lacking a universally accepted quantitative measure. This work examines information leakage in image data, a domain where...

6.7 AI score
Exploits 0
Tenable Nessus
added 2025/08/12 12:0 a.m. · 5 views

SUSE SLES12: ImageMagick-config-6-SUSE / ImageMagick-config-6-upstream / etc (SUSE-SU-2025:02751-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02751-1 advisory. - CVE-2025-53014: Fixed an off-by-one error may cause an out-of-bounds memory access (bsc#1246530) - CVE-2025-53019: Fixed format specifiers in a...

9.8 CVSS · 5.8 AI score · 0.00617 EPSS
Exploits 1 · References 7
Redos
added 2025/08/12 12:0 a.m. · 3 views

ROS-20250812-03

The MIFF component of the GraphicsMagick cross-platform graphics library is vulnerable to authorization errors. Exploitation of the vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of protected information...

7.8 CVSS · 6.9 AI score · 0.00427 EPSS
Exploits 1