Lucene search
23140 matches found

Snyk
added 2025/05/16 5:43 a.m., 5 views

Integer Overflow or Wraparound

Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an integer overflow in the makeRoom function. An attacker can achieve arbitrary code execution by supplying a crafted input that triggers the buffer overflow. Remediation: Upgrade libavif to version...

9.1 CVSS, 8.2 AI score, 0.00299 EPSS
Exploits: 0, References: 2
Packet Storm News
added 2025/05/16 12:0 a.m., 2 views

Probing the Vulnerability of Large Language Models to Polysemantic Interventions

Polysemanticity -- where individual neurons encode multiple unrelated features -- is a well-known characteristic of large neural networks and remains a central challenge in the interpretability of language models. At the same time, its implications for model safety are also poorly understood...

7.2 AI score
Exploits: 0
Debian CVE
added 2025/05/16 12:0 a.m., 6 views

CVE-2025-48175

In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes...

6.5 CVSS, 4.8 AI score, 0.00269 EPSS
Exploits: 1
OSV
added 2025/05/14 6:5 p.m., 3 views

DRUPAL-CONTRIB-2025-060

This module enables you to seamlessly migrate and deploy content across environments, eliminating manual steps. It simplifies the process by exporting content to a YML file or a ZIP archive, which can be imported into another environment effortlessly. While the export feature rightfully bypasses...

3.1 CVSS, 6.7 AI score, 0.00186 EPSS
Exploits: 0, References: 1
CNNVD
added 2025/05/14 12:0 a.m., 2 views

Number withdrawn

Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation in the United States that is separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. This CVE number has been withdrawn...

6.4 AI score
Exploits: 0, References: 4
Tenable Nessus
added 2025/05/14 12:0 a.m., 6 views

Alibaba Cloud Linux 3 : 0140: libinput (ALINUX3-SA-2022:0140)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0140 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-1215: A format string vulnerability was...

7.8 CVSS, 7.2 AI score, 0.00364 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2025/05/13 2:0 p.m., 35 views

nginx: Memory disclosure in the ngx_http_mp4_module

A vulnerability was found in NGINX’s module, ngx_http_mp4_module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngx_http_mp4_module...

7.1 CVSS, 7.3 AI score, 0.01069 EPSS
Exploits: 2, References: 5
RedHat Linux
added 2025/05/13 1:58 p.m., 5 views

ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript

A flaw was found in Artifex Ghostscript base/gsdevice.c. This vulnerability allows path truncation, path traversal, and possible code execution via an integer overflow when parsing the filename format string for the output filename...

7.8 CVSS, 6.2 AI score, 0.00387 EPSS
Exploits: 0, References: 8
SUSE Linux
added 2025/05/13 12:37 p.m., 2 views

Security update for gimp

This update for gimp fixes the following issues: CVE-2025-2761: unvalidated user input in FLI file parsing may lead to an out-of-bounds write bsc1241691. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.1 CVSS, 7.4 AI score, 0.01432 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2025/05/13 8:36 a.m., 5 views

gstreamer1-plugins-good: integer underflow in FOURCC_strf parsing leading to OOB-read

A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer can lead to out-of-bounds reads that may cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

7.5 CVSS, 5.8 AI score, 0.01051 EPSS
Exploits: 0, References: 7
RedHat Linux
added 2025/05/13 8:36 a.m., 4 views

gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask

A flaw was found in the GStreamer library. An out-of-bounds read in the gst-discoverer-1.0 command line tool can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. This issue only affects the gst-discoverer-1.0 command line tool an...

9.1 CVSS, 5.8 AI score, 0.01101 EPSS
Exploits: 0, References: 7
RedHat Linux
added 2025/05/13 8:36 a.m., 4 views

grub2: reader/jpeg: Heap OOB Write during JPEG parsing

A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...

6.7 CVSS, 5.8 AI score, 0.00243 EPSS
Exploits: 0, References: 5
Redos
added 2025/05/13 12:0 a.m., 28 views

ROS-2-442

2.442 VLC vulnerability CVE-2020-13428. 1. Vulnerability description: Vulnerability in the VLC 3.0.11 player. The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. It potentially allows an attacker to execute code when playing specially formatted vide...

7.8 CVSS, 8 AI score, 0.02391 EPSS
Exploits: 0
Tenable Nessus
added 2025/05/13 12:0 a.m., 14 views

Amazon Linux AMI : ghostscript (ALAS-2025-1978)

The version of ghostscript installed on the remote host is prior to 8.70-24.35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1978 advisory. PS interpreter - check the type of the Pattern Implementation NOTE:...

7.8 CVSS, 7.9 AI score, 0.00388 EPSS
Exploits: 0, References: 8
Packet Storm News
added 2025/05/12 12:0 a.m., 2 views

Valida ISA Spec, Version 1.0: a Zk-Optimized Instruction Set Architecture

The Valida instruction set architecture is designed for implementation in zkVMs to optimize for fast, efficient execution proving. This specification intends to guide implementors of zkVMs and compiler toolchains for Valida. It provides an unambiguous definition of the semantics of Valida program...

6.9 AI score
Exploits: 0
Amazon
added 2025/05/12 12:0 a.m., 16 views

Important: ghostscript

Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...

7.8 CVSS, 8.3 AI score, 0.00388 EPSS
Exploits: 0
OSV
added 2025/05/09 12:43 p.m., 6 views

OESA-2025-1502 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5 CVSS, 6.9 AI score, 0.00485 EPSS
Exploits: 0, References: 3
OSV
added 2025/05/09 12:43 p.m., 3 views

OESA-2025-1500 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5 CVSS, 6.9 AI score, 0.00485 EPSS
Exploits: 0, References: 3
OSV
added 2025/05/09 12:43 p.m., 5 views

OESA-2025-1499 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5 CVSS, 6.8 AI score, 0.00485 EPSS
Exploits: 0, References: 2
OSV
added 2025/05/09 12:43 p.m., 4 views

OESA-2025-1498 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5 CVSS, 6.9 AI score, 0.00485 EPSS
Exploits: 0, References: 3