Linux Distros Unpatched Vulnerability : CVE-2022-30775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Linux Distros Unpatched Vulnerability : CVE-2022-45412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memo...

SUSE CVE-2025-55199

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...

CVE-2025-8961

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...

Linux Distros Unpatched Vulnerability : CVE-2025-37981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use iskdumpkernel to check for kdump The smartpqi driver checks the...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.79 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.79 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

Linux Distros Unpatched Vulnerability : CVE-2023-52616

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpiecinit When the mpiecctx structure is...

ROS-20250806-10

A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service by using a specially crafted HTML page A vulnerability in the V8...

PT-2025-32111 · Unknown · Blockchain Keystore

Name of the Vulnerable Software and Affected Versions: Blockchain Keystore versions prior to 1.3.17.2 Description: An out-of-bounds write issue exists in the creation of bitmap images. This can allow a local privileged attacker to write to memory outside of allocated boundaries. Recommendations:...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874 OpenJPEG allows OOB heap memory write in opj_jp2_read_header

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

PT-2025-31936

Name of the Vulnerable Software and Affected Versions OpenJPEG versions 2.5.3 and earlier Description OpenJPEG is an open-source JPEG 2000 codec. A call to the opj jp2 read header function may lead to an out-of-bounds heap memory write when the data stream p stream is too short and p image is not...

CVE-2025-50422

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled-face == NULL" assertion failure for cairoftunscaledfontfini in cairo-ft-font.c...

CVE-2025-50422

CVE-2025-50422 affects Cairo (up to 1.18.4) as used in Poppler (up to 25.08.0). The issue is an assertion failure (unscaled->face == NULL) in _cairo_ft_unscaled_font_fini within cairo-ft-font.c, leading to a crash in affected workflows. Mitigations from connected advisories: update Cairo/Poppl...

CVE-2025-48072 OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

OpenEXR Out-Of-Memory via Unbounded File Header Values

Summary The OpenEXR file format defines many information about the final image inside of the file header, such as the size of data/display window. The application trusts the value of dataWindow size provided in the header of the input file, and performs computations based on this value. This may...

USN-7673-1 openjdk-21-crac vulnerabilities

It was discovered that the 2D component of CRaC JDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...