EUVD-2024-0602

Malicious code in bioql PyPI...

EUVD-2025-31580

Malicious code in bioql PyPI...

CLSA-2025-1758896091 gdk-pixbuf2: Fix of CVE-2025-7345

CVE-2025-7345: fix heap buffer overflow during base64 encoding in gdkpixbufjpegimageloadincrement...

p0wnedShell

This is an offensive PowerShell host application written in C that runs PowerShell commands and functions within a PowerShell runspace environment. It includes various offensive PowerShell modules and binaries to facilitate post-exploitation activities, such as bypassing mitigations and creating...

CLSA-2025-1757698525 gdk-pixbuf2: Fix of CVE-2025-7345

CVE-2025-7345: fix heap buffer overflow during base64 encoding in gdkpixbufjpegimageloadincrement...

CLSA-2025-1757662747 gdk-pixbuf2: Fix of CVE-2025-7345

CVE-2025-7345: fix heap buffer overflow during base64 encoding in gdkpixbufjpegimageloadincrement...

CVE-2025-41035

appRain CMF 4.0.5 contains an authenticated path traversal vulnerability in the /apprain/common/download/ endpoint. The issue arises from handling of base64-encoded path parameters after /download/, allowing an attacker with sufficient permissions to access files outside the document root. Connec...

GHSA-MXH2-CCGJ-8635 ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header

Summary On the ESP-IDF platform, ESPHome's webserver authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a substring of the correct value e.g., correct username with partial password. This allows access to webserver functionality...

CVE-2025-57808

ESPHome is a system to control microcontrollers remotely through Home Automation systems. In version 2025.8.0 in the ESP-IDF platform, ESPHome's webserver authentication check can pass incorrectly when the client-supplied base64-encoded Authorization value is empty or is a substring of the correc...

PT-2025-35518

Name of the Vulnerable Software and Affected Versions ESPHome versions 2025.8.0 Description ESPHome’s web server authentication check on the ESP-IDF platform can incorrectly pass when the client-supplied base64-encoded Authorization value is empty or a substring of the correct value. This allows...

Linux Distros Unpatched Vulnerability : CVE-2025-30349

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail...

Exploit for Code Injection in Xwiki

solrsearch-rce-exploit Unauth RCE PoC for XWiki SolrSearch CV...

gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf

A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...

gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf

A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...

gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf

A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...

gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf

A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...

gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf

A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...

Alibaba Cloud Linux 3 : 0139: gdk-pixbuf2 (ALINUX3-SA-2025:0139)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0139 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-7345: A flaw exists in gdkpixbuf within th...

SUSE-SU-2025:20596-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2025-5372: sshkdf returns a success code on certain failures bsc1245314 - CVE-2025-5987: Invalid return code for chacha20 poly1305 with OpenSSL backend bsc1245317 - CVE-2025-4877: Write beyond bounds in binary to base64 conversion functions...

gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf

A flaw exists in gdk‑pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib’s gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...