19 matches found
EUVD-2019-6063
Malware in sbrugna...
EUVD-2022-47398
Malicious code in bioql PyPI...
EUVD-2024-38242
Malicious code in bioql PyPI...
CVE-2025-7345 Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf
A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...
CVE-2024-47401
Mattermost versions 9.10.x = 9.10.2, 9.11.x = 9.11.1 and 9.5.x = 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by...
CVE-2025-31475
tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where the addOrUpdate function, used for applying custom texts, did not properly validate input. This allowed an attacker with direct access to the site's source code ...
CVE-2025-30472
A flaw was found in Corosync. In affected versions, a stack-based buffer overflow may be triggered via a large UDP packet in configurations where encryption is disabled or if an attacker knows the encryption key. This issue can lead to an application crash or other undefined behavior. Mitigation ...
Linux Distros Unpatched Vulnerability : CVE-2016-5353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - epan/dissectors/packet-umtsfp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows...
Linux Distros Unpatched Vulnerability : CVE-2018-18521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application cras...
EulerOS 2.0 SP10 : openssl (EulerOS-SA-2025-1026)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds...
CVE-2024-47835
A flaw was found in the GStreamer library. A NULL-pointer dereference in the LRC subtitle parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...
CVE-2024-47537
A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. This vulnerability allows a malicious third party to trigger an application crash and, in the case of...
Ollama < 0.1.46 Multiple Vulnerabilities
The version of Ollama installed on the remote host is prior to 0.1.46. It is, therefore, affected by multiple vulnerabilities: - An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF...
Adobe Framemaker Buffer Overflow Vulnerability (CNVD-2024-27546)
Adobe Framemaker is the United States of America Odooby Adobe company's set of page layout software for writing and editing large or complex documents including structured documents. A security vulnerability exists in Adobe Framemaker, which is caused by improper boundary checking. An attacker...
CVE-2023-4806 Glibc: potential use-after-free in getaddrinfo()
A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the nssgethostbyname2r and nssgetcanonnamer hooks without...
PT-2022-4806 · Libtiff +9 · Libtiff +9
Name of the Vulnerable Software and Affected Versions: libtiff library version 4.3.0 Description: A heap buffer overflow in the ExtractImageSection function in tiffcrop.c allows an attacker to trigger unsafe or out of bounds memory access via a crafted TIFF image file, which could result in an...
MGASA-2020-0098 Updated libgd packages fix security vulnerability
The updated packages fix a security vulnerability: gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. CVE-2018-14553...
X.org, XFree86: Integer and stack overflows in libXpm
Background XFree86 and X.org are both implementations of the X Window System. Description Chris Evans has discovered multiple integer and stack overflow vulnerabilities in the X Pixmap library, libXpm, which is a part of the X Window System. These overflows can be exploited by the execution of a...
MDKSA-2004:044 - Updated libuser packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: libuser Advisory ID: MDKSA-2004:044 Date: May 17th, 2004 Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1 Problem Description: Steve Grubb discovered a number of problems in the libuser libra...