116 matches found
Unity Linux 20.1060e / 20.1070e Security Update: derby (UTSA-2026-016640)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016640 advisory. In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and...
ROS-20260515-73-0049
A vulnerability in the ChromeDriver component of Google Chrome for Android browser is related to the use of an untrusted cross-domain policy file. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...
Updated polkit-122 packages fix security vulnerability
Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write. CVE-2025-7519...
USN-8173-1 policykit-1 vulnerabilities
It was discovered that polkit incorrectly handled nested elements in XML policy files. If an administrator were tricked into installing a malicious policy file, a remote attacker could possibly use this issue to cause polkit to crash, resulting in a denial of service. CVE-2025-7519 Pavel Kohout...
Stack-based Buffer Overflow
Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Use After Free
Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Use After Free
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Use After Free
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the MSL encoder, when destroying a cloned image. Workaround This vulnerability can be mitigated by disabling the vulnerable encoder by adding to the policy.xml file. Remediation A fix was pushed into the master branch...
Use After Free
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Infinite loop
Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop in the DecodeImage function when processing a PCD image file that lacks a valid Sync marker. An attacker can cause continuous CPU resource consumption and system resource exhaustion by submitting such a file. Workaround Th...
Infinite loop
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Infinite loop
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
CVE-2026-1448
A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wizpolicy3machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotel...
CVE-2025-62594
A vulnerability in ImageMagick’s CLAHEImage function in MagickCore/enhance.c allows a zero tile width or height to trigger unsigned integer underflow and division-by-zero conditions. When tileinfo.height or tileinfo.width becomes zero, pointer arithmetic using these values can result in...
CVE-2025-48044
Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/policy.ex and program routines 'Elixir.Ash.Policy.Policy':expression/2. This issue affects ash: from pkg:hex/[email protected] before pkg:hex/[email protected]...
EUVD-2025-34884
Ash has authorization bypass when bypass policy condition evaluates to true...
CVE-2025-48044
Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/policy.ex and program routines 'Elixir.Ash.Policy.Policy':expression/2. This issue affects ash: from pkg:hex/[email protected] before pkg:hex/[email protected]...
EUVD-2014-1577
Malware in sbrugna...