23145 matches found
Apple Security Advisory 03-31-2025-9
Apple Security Advisory 03-31-2025-9 - macOS Ventura 13.7.5 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-8
Apple Security Advisory 03-31-2025-8 - macOS Sonoma 14.7.5 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-7
Apple Security Advisory 03-31-2025-7 - macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities...
CVE-2025-24199
An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...
DRUPAL-CONTRIB-2025-029
This module enables you to obfuscate email addresses, to avoid them being easily available to spammers. The module doesn't sufficiently sanitise input when ROT13 encoding is used. This vulnerability is mitigated by the fact that an attacker must have a role with the ability to enter specific HTML...
GHSA-M5QC-5HW7-8VG7 image-size Denial of Service via Infinite Loop during Image Processing
Summary: image-size is vulnerable to a Denial of Service vulnerability when processing specially crafted images. The issue occurs because of an infinite loop in findBox when processing certain images with a box with size 0. Details: If the first bytes of the input do not match any bytes in...
Exploit for Unrestricted Upload of File with Dangerous Type in Etoilewebdesign Front_End_Users
CVE-2025-2005 WordPress Front End Users Plugin = 3.2.32 i...
PT-2025-22199
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the trace event verifier. The verifier checks the formats of trace events to ensure they do not point to memory that is...
CVE-2025-21905
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...
AZL-60358 CVE-2025-21905 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...
CVE-2025-21905 wifi: iwlwifi: limit printed string from FW file
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...
CVE-2025-1658
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
SUSE CVE-2024-48615
Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at archive_read_support_format_tar.c:1844:8...
SUSE CVE-2025-2914
A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...
PT-2025-14102 · Autodesk · Autodesk Navisworks
Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks affected versions not specified Description: The issue arises from a maliciously crafted DWFX file being parsed through Autodesk Navisworks, leading to a Memory Corruption vulnerability. This can be exploited by a maliciou...
Autodesk Navisworks Buffer Error Vulnerability
Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks that originates from parsing a specially crafted DWFX file resulting in memory corruption that could...
The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against internet attacks, the FortiPAM account management system, the FortiWeb network gateway for web applications, and the FortiSRA software for secure remote access, allow attackers to execute arbitrary code or commands.
The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against Internet attacks, the FortiPAM account management system, the FortiWeb web application firewall, and the FortiSRA software for secure remote access are related to insufficient...
CVE-2025-24199
An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause a denial-of-service...