769 matches found
ALPINE-CVE-2025-47807
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
DEBIAN-CVE-2025-47807
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
UBUNTU-CVE-2025-47807
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
CVE-2025-47807
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
GStreamer Security Vulnerability
GStreamer is an open source set of frameworks for processing streaming media, from the GStreamer team. A security vulnerability exists in GStreamer 1.26.1 and earlier versions. It stems from a null pointer dereference in the subrip_unescape_formatting function, which could lead to a crash...
WordPress Preserve Code Formatting Plugin <= 4.0.1 - PHP Object Injection Vulnerability
PHP Object Injection Vulnerability discovered by Drew / mcdruid in WordPress Plugin Preserve Code Formatting versions <= 4.0.1...
Vulnerability fixed in SonicWall SonicOS
SonicWall has fixed a vulnerability in SonicOS. The vulnerability is in how SonicOS' SSL VPN interface handles externally controlled formatting strings. This can be exploited by external, unauthenticated attackers, leading to service disruptions. Attackers can exploit this vulnerability to affect...
SonicWALL SonicOS SSLVPN Format String Error Vulnerability
SonicWALL SonicOS SSLVPN is a virtual private network product for secure remote access from SonicWALL, a US company. A format string error vulnerability exists in SonicWALL SonicOS SSLVPN that originates from an externally controlled format string and could result in a service interruption...
CLSA-2025-1752749203 jq: Fix of CVE-2025-48060
CVE-2025-48060: fix heap-buffer-overflow in function jv_string_vfmt in jq_fuzz_execute by adding boundary checks...
SUSE-SU-2025:20493-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. - CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc123898...
jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)
A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...
CLSA-2025-1751135005 curl: Fix of CVE-2024-7264
CVE-2024-7264: fix out-of-bound read in GTime2str function...
UBUNTU-CVE-2022-50051
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf. snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...
CVE-2025-48993 Group-Office vulnerable to reflected XSS via Look and Feel Formatting input
Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a malicious JavaScript payload can be executed via the Look and Feel formatting fields. Any user can update their Look and Feel Formatting input fields, but the web applicatio...
CVE-2025-48993
Group-Office (enterprise CRM/groupware) is affected by a reflected XSS via the Look and Feel Formatting fields. The issue arises because input in these fields is not properly sanitized. Affected versions: before 6.8.123 and before 25.0.27. Patches exist: 6.8.123 and 25.0.27. Remediation: upgrade ...
[SECURITY] Fedora 41 Update: mingw-icu-74.2-4.fc41
ICU is a set of C and C++ libraries that provides robust and full-featured Unicode and locale support. The library provides calendar support, conversions for many character sets, language sensitive collation, date and time formatting, support for many locales, message catalogs and resources,...
SUSE CVE-2025-47807
In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
FreeScout String Formatting Vulnerability
FreeScout is an open source helpdesk system built on the PHP Laravel framework, designed to provide users with functionality similar to Zendesk or Help Scout, but without sacrificing privacy or freedom. FreeScout suffers from a string formatting vulnerability that stems from insufficient validati...