2244 matches found

EUVD
added 2025/12/16 9:30 p.m., 3 views

EUVD-2025-203843

Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...

AI score 7, EPSS 0.0034
Exploits 0, References 3
Vulnrichment
added 2025/12/16 12:0 a.m., 1 views

CVE-2025-65834

Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...

AI score 7.1, EPSS 0.0034
Exploits 0, References 2
Cvelist
added 2025/12/16 12:0 a.m., 26 views

CVE-2025-65834

Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...

EPSS 0.0034
Exploits 0, References 2
CVE
added 2025/12/16 12:0 a.m., 9 views

CVE-2025-65834

CVE-2025-65834 affects Meltytech Shotcut 25.10.31, with a buffer overflow in mlt_image_fill_white triggered by processing MLT project files that specify extremely large width/height. The issue is documented across several security entries (Red Hat, SUSE/OpenSUSE, NVD, EUVD, OSV, CVE.org) and is d...

CVSS 9.8, AI score 7.1, EPSS 0.0034
Exploits 0, References 2, Affected Software 1
CNNVD
added 2025/12/10 12:0 a.m., 3 views

ImageMagick Buffer Error Vulnerability

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in many formats. A buffer error vulnerability exists in ImageMagick 7.1.2-9 and earlier versions, which stems from an integer overflow that could result in an...

CVSS 7.5, AI score 6.7, EPSS 0.00439
Exploits 0, References 4
Positive Technologies
added 2025/12/10 12:0 a.m., 2 views

PT-2025-50551

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.1.2-9 and prior. Description: ImageMagick is a software suite used for image creation, editing, composition, and conversion. A critical integer overflow exists in the TIM (PSX TIM) image parser's ReadTIMImage function...

CVSS 7.8, AI score 7, EPSS 0.00552
Exploits 3, References 54
Tenable Nessus
added 2025/12/09 12:0 a.m., 8 views

Amazon Linux 2023 : cups-filters, cups-filters-devel, cups-filters-libs (ALAS2023-2025-1291)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1291 advisory. CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters package as library functions to be used for the data form...

CVSS 5.5, AI score 6.3, EPSS 0.00412
Exploits 3, References 8
Tenable Nessus
added 2025/12/09 12:0 a.m., 11 views

Amazon Linux 2023 : firefox (ALAS2023-2025-1305)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1305 advisory. A heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array boun...

CVSS 7.1, AI score 6, EPSS 0.00281
Exploits 5, References 10
Tenable Nessus
added 2025/12/09 12:0 a.m., 10 views

Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2025-1306)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1306 advisory. A heap buffer over-read vulnerability exists in libpng's png_do_quantize function when processing PNG files with malformed palette indices. The vulnerability occurs when palette_lookup array boun...

CVSS 7.1, AI score 6, EPSS 0.00281
Exploits 5, References 10
Cvelist
added 2025/11/24 11:45 p.m., 15 views

CVE-2025-64720 LIBPNG is vulnerable to a buffer overflow in `png_image_read_composite` via incorrect palette premultiplication

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALP...

CVSS 7.1, EPSS 0.00281
Exploits 4, References 4
Positive Technologies
added 2025/11/21 12:0 a.m., 6 views

PT-2025-47711

Name of the Vulnerable Software and Affected Versions: Vitepos – Point of Sale (POS) for WooCommerce versions up to and including 3.3.0. Description: The Vitepos – Point of Sale (POS) for WooCommerce plugin for WordPress is susceptible to arbitrary file uploads due to a lack of file type validation with...

CVSS 8.8, AI score 8, EPSS 0.006
Exploits 0, References 12
Veracode
added 2025/11/19 1:19 p.m., 8 views

Denial Of Service (DoS)

ImageMagick is vulnerable to Denial of Service (DoS). The vulnerability is due to unsigned integer underflow and division-by-zero conditions in the CLAHEImage function when tile width or height is zero, which allows an attacker to trigger out-of-bounds memory access or application crashes by...

CVSS 5.5, AI score 6.9, EPSS 0.00337
Exploits 1, References 4, Affected Software 13
CNVD
added 2025/11/14 12:0 a.m., 3 views

Adobe Photoshop Heap Buffer Overflow Vulnerability (CNVD-2025-29701)

Adobe Photoshop is a set of image processing software from the American company Adobe. Adobe Photoshop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to cause arbitrary code to be executed in the context of the current user...

CVSS 7.8, AI score 7.7, EPSS 0.0029
Exploits 0, References 1
RedhatCVE
added 2025/11/07 12:19 a.m., 6 views

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing o...

CVSS 9.8, AI score 7, EPSS 0.00433
Exploits 1, References 1
EUVD
added 2025/11/06 6:32 p.m., 5 views

EUVD-2025-38150

An issue was discovered in AnyDesk before 9.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing of an Identity user image within the Discovery feature, or when establishing a connection between any two clients...

AI score 6.9, EPSS 0.00433
Exploits 1, References 3
CNNVD
added 2025/11/06 12:0 a.m., 3 views

AnyDesk Input Validation Error Vulnerability

AnyDesk is a remote desktop connection software from the German company AnyDesk. A security vulnerability exists in AnyDesk versions prior to 9.0.0 that stems from an integer overflow and heap buffer overflow in UDP packets when processing Identity user images in the Discovery feature or...

CVSS 9.8, AI score 7.1, EPSS 0.00433
Exploits 1, References 3
Cvelist
added 2025/11/06 12:0 a.m., 7 views

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing o...

EPSS 0.00433
Exploits 1, References 2
Cvelist
added 2025/10/27 8:0 p.m., 7 views

CVE-2025-62594 ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow...

CVSS 4.7, EPSS 0.00337
Exploits 1, References 2
Debian
added 2025/10/22 4:59 p.m., 3 views

[SECURITY] [DLA 4341-1] gegl security update

Debian LTS Advisory DLA-4341-1, https://www.debian.org/lts/security/, Sylvain Beucler, October 22, 2025, https://wiki.debian.org/LTS ...

CVSS 7.8, AI score 8.1, EPSS 0.01439
Exploits 0
CNNVD
added 2025/10/21 12:0 a.m., 1 views

sharp Security Vulnerability

sharp is a tool by the individual developer lovell for converting large images in common formats to smaller, web-friendly JPEG, PNG, WebP, GIF, and AVIF images of different sizes. A security vulnerability exists in sharp v9.6.6, which originates in src/Form/Fields/SharpFormUploadField.php and is susceptible to...

CVSS 6.1, AI score 5.9, EPSS 0.00296
Exploits 0, References 5