
30571 matches found

Cvelist
added 2026/02/06 8:10 p.m. | 30 views

CVE-2026-25635 calibre has a Path Traversal Leading to Arbitrary File Write and Potential Code Execution

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remote Code Execution by writing a payload to the Startup...

8.6 CVSS | 0.00137 EPSS
Exploits: 1 | References: 2
EUVD
added 2026/02/06 8:10 p.m. | 3 views

EUVD-2026-5596

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remote Code Execution by writing a payload to the Startup...

8.6 CVSS | 5.6 AI score | 0.00137 EPSS
Exploits: 1 | References: 2
Debian CVE
added 2026/02/06 8:10 p.m. | 3 views

CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows (haven't tested on other OS's), this can lead to Remote Code Execution by writing a payload to the Startup...

8.6 CVSS | 5.9 AI score | 0.00137 EPSS
Exploits: 1
Positive Technologies
added 2026/02/06 12:0 a.m. | 2 views

PT-2026-6787

Name of the Vulnerable Software and Affected Versions: calibre versions prior to 9.2.0. Description: calibre is an e-book manager. The CHM reader contains a path traversal flaw that permits arbitrary file writes in locations where the user possesses write access. On Windows operating systems, this c...

9.3 CVSS | 5.8 AI score | 0.00137 EPSS
Exploits: 9 | References: 27
Malwarebytes
added 2026/02/05 11:24 a.m. | 6 views

Flock cameras shared license plate data without permission

Mountain View, California, pulled the plug on its entire license plate reader camera network this week. It discovered that Flock Safety, which ran the system, had been sharing city data with hundreds of law enforcement agencies, including federal ones, without permission. Flock Safety runs an...

5.5 AI score
Exploits: 0
Veracode
added 2026/02/05 9:30 a.m. | 3 views

Denial-of-Service (DoS)

llama_index.core is vulnerable to a Denial-of-Service (DoS). The vulnerability is due to uncontrolled memory consumption in SimpleDirectoryReader, where all files in a directory are loaded into memory before enforcing the num_files_limit, allowing large directories to exhaust memory and degrade or cra...

5.3 CVSS | 5.5 AI score | 0.00024 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
RedhatCVE
added 2026/02/05 1:23 a.m. | 3 views

CVE-2025-69621

An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

8.1 CVSS | 6.2 AI score | 0.00019 EPSS
Exploits: 0 | References: 1
OSV
added 2026/02/04 12:6 a.m. | 2 views

OSV-2026-190 Security exception in com.ctc.wstx.util.TextBuffer.buildResultArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=480987597
Crash type: Security exception
Crash state: com.ctc.wstx.util.TextBuffer.buildResultArray, com.ctc.wstx.util.TextBuffer.contentsAsArray, com.ctc.wstx.dtd.FullDTDReader.parseEntityValue...

5.4 AI score
Exploits: 0 | References: 1
EUVD
added 2026/02/04 12:0 a.m. | 1 views

EUVD-2025-206821

An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

6.2 AI score | 0.00019 EPSS
Exploits: 0 | References: 4
CNNVD
added 2026/02/04 12:0 a.m. | 4 views

Android Tools Comic Book Reader Security Vulnerability

Android Tools Comic Book Reader is a comic reading app developed by the Russian company Android Tools. Version 1.0.95 of Android Tools Comic Book Reader contains a security vulnerability. This vulnerability stems from an issue with file import processes, where arbitrary files can be overwritten,...

8.1 CVSS | 6.1 AI score | 0.00019 EPSS
Exploits: 0 | References: 5
CNNVD
added 2026/02/04 12:0 a.m. | 3 views

nTools Office Reader - PDF, Word, Excel Security Vulnerability

nTools Office Reader – PDF, Word, Excel is a document reading application developed by nTools Corporation. Version 4.5.7 of nTools Office Reader – PDF, Word, Excel contains a security vulnerability. This vulnerability stems from path traversal vulnerabilities, which may lead to...

5 CVSS | 5.8 AI score | 0.00007 EPSS
Exploits: 1 | References: 5
ATTACKERKB
added 2026/02/04 12:0 a.m. | 1 views

CVE-2025-69621

An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

6.2 AI score | 0.00019 EPSS
Exploits: 0 | References: 5
Cvelist
added 2026/02/04 12:0 a.m. | 24 views

CVE-2025-69621

An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

0.00019 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2026/02/04 12:0 a.m. | 2 views

CVE-2025-69621

An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95 allows attackers to overwrite critical internal files, potentially leading to arbitrary code execution or exposure of sensitive information...

6.3 AI score | 0.00019 EPSS
Exploits: 0 | References: 4
CVE
added 2026/02/04 12:0 a.m. | 8 views

CVE-2025-69621

Comic Book Reader v1.0.95 is affected by an arbitrary file overwrite vulnerability in the file import process. This could allow overwriting critical internal files and potentially enable arbitrary code execution or exposure of sensitive information, as described across NVD, Red Hat, CVE lists, At...

8.1 CVSS | 6.2 AI score | 0.00019 EPSS
Exploits: 0 | References: 4
Positive Technologies
added 2026/02/04 12:0 a.m. | 4 views

PT-2026-5975

Name of the Vulnerable Software and Affected Versions: Comic Book Reader version 1.0.95. Description: A flaw exists in the file import process of Comic Book Reader that allows for arbitrary file overwrites. Successful exploitation could lead to arbitrary code execution or the disclosure of sensitive...

6.5 CVSS | 6.2 AI score | 0.00019 EPSS
Exploits: 0 | References: 8
CVE
added 2026/02/03 7:32 p.m. | 7 views

CVE-2025-64438

CVE-2025-64438 affects Fast DDS, a C++ implementation of the DDS standard. The issue is an Out-of-Memory (OOM) denial-of-service triggered remotely when processing RTPS GAP submessages under RELIABLE QoS: sending a GAP packet with a huge gap range causes StatefulReader::processGapMsg() to loop un...

7.5 CVSS | 5.5 AI score | 0.00044 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
Snyk
added 2026/02/02 1:58 p.m. | 3 views

Allocation of Resources Without Limits or Throttling

Overview: llama-index-core is an interface between LLMs and your data. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the SimpleDirectoryReader class readers/file/base.py. The configured num_files_limit is respected, but enforced after all...

6.9 CVSS | 5.5 AI score | 0.00024 EPSS
Exploits: 0 | References: 2
OSV
added 2026/02/02 12:31 p.m. | 1 views

GHSA-488G-HW5F-X29P llama-index-core vulnerable to Uncontrolled Resource Consumption

The SimpleDirectoryReader component in llama_index.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit num_files_limit is applied after all files in a directory are loaded into memory. Thi...

5.3 CVSS | 5.7 AI score | 0.00024 EPSS
Exploits: 0 | References: 4
NVD
added 2026/02/02 11:16 a.m. | 2 views

CVE-2025-6208

The SimpleDirectoryReader component in llama_index.core version 0.12.23 suffers from uncontrolled memory consumption due to a resource management flaw. The vulnerability arises because the user-specified file limit num_files_limit is applied after all files in a directory are loaded into memory. Thi...

5.3 CVSS | 0.00024 EPSS
Exploits: 0 | References: 2