The vulnerability of the BmpInput::read_native_scanline() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the BmpInput::readnativescanline function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

The vulnerability of the TIFFInput::read_native_scanlines() function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library allows an attacker to compromise the integrity and accessibility of the protected information.

The vulnerability of the TIFFInput::readnativescanlines function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of the protected information...

The vulnerability of the BmpInput::read_native_scanline() function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library allows a hacker to cause a service failure.

The vulnerability of the BmpInput::readnativescanline function in the src/bmp.imageio/bmpinput.cpp module of the OpenImageIO library is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

Important: Red Hat Security Advisory: Red Hat Integration Camel K 1.10.10 release and security update.

Red Hat Integration Camel K 1.10.10 release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

Malicious code in arkose-labs-react-native-example (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-2836 Malicious code in arkose-labs-react-native-example (npm)

--- -= Per source details. Do not edit below this line.=-...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

AI Inference on Akamai Cloud: Enabling Developers to Accelerate Edge Native Applications

...

WordPress plugin WishSuite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Security Bulletin: A vulnerability in IBM Spectrum Scale could allow a local attacker to execute arbitrary commands (CVE-2022-43867)

Summary A security vulnerability has been identified in IBM Spectrum Scale Container Native Access Storage that could allow a local attacker to execute arbitrary commands. A fix for this vulnerability is available. Vulnerability Details CVEID:CVE-2022-43867 DESCRIPTION: IBM Spectrum Scale could...

BIT-ENVOY-2025-30157 Envoy crashes when HTTP ext_proc processes local replies

Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's extproc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failure of a websocket...

CVE-2025-29778

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were...

CVE-2025-29778 Kyverno ignores subjectRegExp and IssuerRegExp

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were...

CVE-2025-29778

Kyverno (policy engine for cloud-native platforms) contains a vulnerability prior to version 1.14.0-alpha.1 where artifact verification in keyless mode ignores subjectRegExp and IssuerRegExp, allowing deployment of Kubernetes resources signed with an unexpected certificate and potentially full cl...

CVE-2025-30157

Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's extproc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failure of a websocket...