23149 matches found
CVE-2025-1047
Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must...
CVE-2025-1046
Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...
UBUNTU-CVE-2025-2761
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open ...
Incorrect Calculation of Buffer Size
Overview Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size due to mishandling of image depth after SetQuantumFormat is used. An attacker can manipulate the image processing results by submitting a specially crafted MIFF file. Remediation A fix was pushed int...
CVE-2025-43965
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...
UBUNTU-CVE-2025-46393
In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packetsize is mishandled related to the rendering of all channels in an arbitrary order...
DEBIAN-CVE-2025-43965
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...
UBUNTU-CVE-2025-43965
In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used...
Give LLMs a Security Course: Securing Retrieval-Augmented Code Generation Via Knowledge Injection
Retrieval-Augmented Code Generation RACG leverages external knowledge to enhance Large Language Models LLMs in code synthesis, improving the functional correctness of the generated code. However, existing RACG systems largely overlook security, leading to substantial risks. Especially, the...
CheatAgent: Attacking LLM-Empowered Recommender Systems Via LLM Agent
Recently, Large Language Model LLM-empowered recommender systems RecSys have brought significant advances in personalized user experience and have attracted considerable attention. Despite the impressive progress, the research question regarding the safety vulnerability of LLM-empowered RecSys...
ImageMagick 安全漏洞
ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in many formats. A security vulnerability exists in versions prior to ImageMagick 7.1.1-44 that stems from improper image depth handling in MIFF image processing...
GIMP 缓冲区错误漏洞
GIMP is an open source bitmap image editor from the GIMP team. GIMP suffers from a buffer error vulnerability that stems from unvalidated user data during FLI file parsing, which could lead to out-of-bounds writes and remote code execution...
ImageMagick 安全漏洞
ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert, or write images in a variety of formats. A security vulnerability exists in versions prior to ImageMagick 7.1.1-44 that stems from improper packetsize handling in multispectral MIFF...
Incorrect Calculation of Buffer Size
Overview Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size due to an incorrect calculation of buffer size during the multispectral MIFF processing. An attacker can cause a denial of service by exploiting this buffer size miscalculation. Remediation A fix was...
📄 Microsoft Windows 11 23h2 Privilege Escalation
Microsoft Windows 11 23h2 CLFS.sys proof of concept privilege escalation exploit. Exploit Title:Microsoft Windows 11 23h2 - 'CLFS.sys' Elevation of Privilege Vulnerability Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H:...
Libraw 缓冲区错误漏洞
Libraw is a C++ library from Libraw for processing RAW CRW/CR2, NEF, RAF, DNG, andothers format images, supporting various operating systems. A buffer error vulnerability exists in Libraw versions prior to 0.21.4, which stems from an out-of-bounds read by the Fujifilm 0xf00c tag parser in...
How Do Mobile Applications Enhance Security? an Exploratory Analysis of Use Cases and Provided Information
The ubiquity of mobile applications has increased dramatically in recent years, opening up new opportunities for cyber attackers and heightening security concerns in the mobile ecosystem. As a result, researchers and practitioners have intensified their research into improving the security and...
CVE-2025-31497
TEIGarage is a webservice and RESTful service to transform, convert and validate various formats, focussing on the TEI format. The Document Conversion Service contains a critical XML External Entity XXE Injection vulnerability in its document conversion functionality. The service processes XML...
The png_convert_to_rfc1123 function in png.c allows remote attackers to obtain sensitive process memory information
...
Low: cuda-cupti-12-8
Issue Overview: NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. CVE-2024-53870...