41 matches found
CVE-2026-52759 Ghidra < 12.1.1 - Denial of Service via Uncontrolled Memory Allocation in Mach-O Parser
Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...
CVE-2026-40192
Pillow is a Python imaging library. Versions 10.3.0 through 12.1.1 did not limit the amount of GZIP-compressed data read when decoding a FITS image, making them vulnerable to decompression bomb attacks. A specially crafted FITS file could cause unbounded memory consumption, leading to denial of...
Amazon Linux 2 : python-pillow, --advisory ALAS2-2026-3180 (ALAS-2026-3180)
The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3180 advisory. Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when...
BIT-PILLOW-2026-25990 Pillow has an out-of-bounds write when loading PSD images
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-bounds write may be triggered when loading a specially crafted PSD image. This vulnerability is fixed in 12.1.1...
CVE-2021-2155
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite component: Documents. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2025-2533
IBM Db2 for Linux 12.1.0, 12.1.1, and 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query...
IBM Db2 for Linux Security Vulnerability
IBM Db2 for Linux is a database management system on Linux from International Business Machines (IBM). A security vulnerability exists in IBM Db2 for Linux versions 12.1.0, 12.1.1, and 12.1.2, which stems from improper handling of specially crafted queries and could result in a denial of service...
Oracle iStore Security Vulnerability
Oracle iStore is an e-commerce product from Oracle Corporation USA. A security vulnerability exists in Oracle iStore. An attacker who exploits this vulnerability could gain access to critical data or full access to all Oracle iStore accessible data, as well as unauthorized update, insertion, or...
Vulnerabilities fixed in Foxit PDF Reader and Foxit PDF Editor
Foxit has fixed several vulnerabilities in PDF Reader and PDF Editor. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or potentially execute arbitrary code with the victim's privileges. The malicious party must deceive the victim...
CVE-2021-2267
Vulnerability in the Oracle Labor Distribution product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Labor Distribution...
CVE-2021-2183
Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: Shopping Cart. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore...
Oracle E-Business Suite Security Vulnerability
Oracle E-Business Suite is an extension of the original Application ERP. It is a collection of management software, including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management), and so on, seamlessly integrated into one management suite. Oracle E-Busines...
CVE-2021-2101
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite component: Print Server. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2018-4428
A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 12.1.1. A local attacker may be able to share items from the lock screen...
CVE-2020-14863
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite component: Print Server. Supported versions that are affected are 12.1.1 - 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One...
CVE-2020-14596
Vulnerability in the Oracle iStore product of Oracle E-Business Suite component: Address Book. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2020-44274)
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management, etc. Advanced Outbound Telephony is one of the tools used for outbound ca...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2020-44278)
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in the Setup of Mobil...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2020-44276)
Oracle E-Business Suite is a set of fully integrated global business management software from the United States company Oracle. The software provides customer relationship management, service management, financial management and other functions. Marketing is one of the...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2020-44273)
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management, etc. Advanced Outbound Telephony is one of the tools used for outbound ca...