23140 matches found
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an integer overflow in the makeRoom function. An attacker can achieve arbitrary code execution by supplying a crafted input that triggers the buffer overflow. Remediation Upgrade libavif to version...
Probing the Vulnerability of Large Language Models to Polysemantic Interventions
Polysemanticity -- where individual neurons encode multiple unrelated features -- is a well-known characteristic of large neural networks and remains a central challenge in the interpretability of language models. At the same time, its implications for model safety are also poorly understood...
CVE-2025-48175
In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes...
DRUPAL-CONTRIB-2025-060
This module enables you to seamlessly migrate and deploy content across environments, eliminating manual steps. It simplifies the process by exporting content to a YML file or a ZIP archive, which can be imported into another environment effortlessly. While the export feature rightfully bypasses...
编号撤回
Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation in the United States that is separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. This CVE number has been withdrawn...
Alibaba Cloud Linux 3 : 0140: libinput (ALINUX3-SA-2022:0140)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0140 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-1215: A format string vulnerability was...
nginx: Memory disclosure in the ngx_http_mp4_module
A vulnerability was found in NGINX’s module, ngxhttpmp4module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngxhttpmp4module...
ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
A flaw was found in Artifex Ghostscript base/gsdevice.c. This vulnerability allows path truncation, path traversal, and possible code execution via an integer overflow when parsing the filename format string for the output filename...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write bsc1241691. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read
A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer can lead to out-of-bounds reads that may cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask
A flaw was found in the GStreamer library. An out-of-bounds read in the gst-discoverer-1.0 command line tool can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. This issue only affects the gst-discoverer-1.0 command line tool an...
grub2: reader/jpeg: Heap OOB Write during JPEG parsing
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...
ROS-2-442
2.442 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted vide...
Amazon Linux AMI : ghostscript (ALAS-2025-1978)
The version of ghostscript installed on the remote host is prior to 8.70-24.35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1978 advisory. PS interpreter - check the type of the Pattern Implementation NOTE:...
Valida ISA Spec, Version 1.0: a Zk-Optimized Instruction Set Architecture
The Valida instruction set architecture is designed for implementation in zkVMs to optimize for fast, efficient execution proving. This specification intends to guide implementors of zkVMs and compiler toolchains for Valida. It provides an unambiguous definition of the semantics of Valida program...
Important: ghostscript
Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...
OESA-2025-1502 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
OESA-2025-1500 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
OESA-2025-1499 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
OESA-2025-1498 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...