12 matches found
GHSA-QW48-84F6-28GV Graphite Has a Pickle Deserialization Vulnerability
Impact Type of vulnerability: Insecure Deserialization via Python's pickle module. Who is impacted: Users of Graphite graph database engine versions before 0.2 who load database files from untrusted or third-party sources. An attacker could craft a malicious database file that executes arbitrary...
CVE-2025-48073
OpenEXR 3.3.2 is vulnerable when reading a deep scanline image with a large sample count in reduceMemory mode, potentially crashing the target application via a NULL pointer dereference in a write operation. The issue is caused during the write path in ScanLineProcess::run_fill when the sample bu...
CVE-2025-48071
OpenEXR vulnerability CVE-2025-48071 is a heap-based buffer overflow in the EXR write/decompression path for ZIPS-packed deep scanline data when a forged chunk header causes the unpacked size to be inconsistent with the actual uncompressed data. The issue resides in OpenEXR’s chunk parsing and un...
PT-2025-31588
Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.3.2 Description OpenEXR is an image storage format used in the motion picture industry. A NULL pointer dereference can occur in a write operation when reading a deep scanline image with a large sample count in reduceMemory...
HDF5 安全漏洞
HDF Group HDF5 is a suite of tools for managing and storing different types of data from the American company HDF Group. The product supports managing, manipulating, viewing and analyzing data and generating files in portable formats. A security vulnerability exists in HDF5. No information about...
CVE-2022-34837
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add more network clients that may monitor various activities of the Zenon...
Security update for qemu (important)
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in Leap 15.0. These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read...
openSUSE Security Update : qemu (openSUSE-2017-1248)
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in Leap 15.0. These security issues were fixed : - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read...
[SECURITY] Fedora 21 Update: mailx-12.5-14.fc21
Mailx is an enhanced mail command, which provides the functionality of the POSIX mailx command, as well as SysV mail and Berkeley Mail from which it is derived. Additionally to the POSIX features, mailx can work with Maildir/ e-mail storage format as well as mailboxes, supports IMAP, POP3 and SMT...
[SECURITY] Fedora 19 Update: mailx-12.5-9.fc19
Mailx is an enhanced mail command, which provides the functionality of the POSIX mailx command, as well as SysV mail and Berkeley Mail from which it is derived. Additionally to the POSIX features, mailx can work with Maildir/ e-mail storage format as well as mailboxes, supports IMAP, POP3 and SMT...
MS Office Products Array Index Bounds Error (unpatched) PoC
Exploit for unknown platform in category dos / poc =========================================================== MS Office Products Array Index Bounds Error unpatched PoC =========================================================== Full archive at http://www.milw0rm.com/sploits/excel03262006.rar Top...
Microsoft Office Products - Array Index Bounds Error (PoC)
Microsoft Office Products - Array Index Bounds Error PoC Full archive at https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/1615.rar excel03262006.rar Topic : Microsoft Office 2002 - Excel/Powerpoint/Word.. 10.0.2614.0 = 11.0.5612.0 Date : 02/12/2006 Author :...