771 matches found
CVE-2025-9385
A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fixipv6checksums of the file editpacket.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used...
Appneta Tcpreplay 安全漏洞
Appneta Tcpreplay is a suite of open source utilities for editing and replaying network traffic for UNIX-based operating systems from Appneta, Inc. in the United States. A security vulnerability exists in Appneta Tcpreplay versions 4.5.1 and earlier, which stems from reuse after release and may...
Appneta Tcpreplay 安全漏洞
Appneta Tcpreplay is a suite of open source utilities for editing and replaying network traffic for UNIX-based operating systems from Appneta, Inc. in the United States. A security vulnerability exists in Appneta Tcpreplay versions 4.5.1 and earlier, which stems from reuse after release and may...
CVE-2025-9165
A memory leak flaw was found in LibTIFF. This vulnerability affects the TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 function in the file tools/tiffcmp.c of the tiffcmp component. Executing manipulation can lead to a memory leak. The attack is restricted to local execution...
AZL-66545 CVE-2025-9165 affecting package libtiff for versions less than 4.6.0-8
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
DEBIAN-CVE-2025-9165
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
ALPINE-CVE-2025-9165
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
CVE-2025-9165
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
CVE-2025-9165
LibTIFF 4.7.0 contains a local, memory-leak flaw in tiffcmp.c (InitCCITTFax3 via _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew). The vulnerability is described as high complexity with published exploitability, though there is ongoing doubt about the issue’s existence. A patch is available (ed14...
CVE-2025-9165
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
PT-2025-33864
Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.7.0 Description: A memory leak issue exists in LibTIFF due to the functions TIFFmallocExt, TIFFCheckRealloc, TIFFHashSetNew, and InitCCITTFax3 within the tools/tiffcmp.c file of the tiffcmp component. The issue is restricted...
CVE-2025-8875
Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1...
Desktop Windows Manager Remote Code Execution Vulnerability
Use after free in Desktop Windows Manager allows an authorized attacker to execute code locally...
Linux Distros Unpatched Vulnerability : CVE-2024-38476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications...
Security updates for Trend Micro products (June 2025)
Overview Trend Micro Incorporated has released security updates for multiple Trend Micro products. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. Impact Key memory-mapped files may be overwritten due to an insecure access control...
📄 Sudo 1.9.17 Privilege Escalation
Sudo versions 1.9.17 and below suffers from a local privilege escalation vulnerability via the Host option. Exploit Title: Sudo 1.9.17 Host Option - Elevation of Privilege Date: 2025-06-30 Exploit Author: Rich Mirch Vendor Homepage: https://www.sudo.ws Software Link:...
Helm vulnerable to Code Injection through malicious chart.yaml content
A Helm contributor discovered that a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Impact Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and thi...
GHSA-557J-XG8C-Q2MM Helm vulnerable to Code Injection through malicious chart.yaml content
A Helm contributor discovered that a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Impact Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and thi...
CVE-2025-53547
Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...
CVE-2025-20681
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416936; Issue ID: MSV-3446...