CVE-2025-11234 affecting package qemu for versions less than 8.2.0-23

CVE-2025-11234 affecting package qemu for versions less than 8.2.0-23. A patched version of the package is available...

CVE-2017-14038

CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability...

PYSEC-2021-93

An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could...

PT-2021-16502 · Pillow +8 · Pillow +8

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.2.0 Description: An issue was discovered in Pillow. There is an out-of-bounds read in J2kDecode, in j2ku gray i. This issue dates back to Pillow 2.4.0. Recommendations: For Pillow versions prior to 8.2.0, update to...

Pillow 安全漏洞

Pillow is a Python-based image processing library. a denial of service vulnerability exists in versions prior to Pillow 8.2.0, which stems from the fact that for FLI data, FliDecode does not properly check whether the block advance is non-zero, and an attacker can exploit this vulnerability to...

CrushFTP HTTP Injection Vulnerability

CrushFTP is a cross-platform Java FTP server from the U.S. CrushFTP company . A security vulnerability exists in CrushFTP versions prior to 7.8.0 and 8.x versions prior to 8.2.0. No detailed vulnerability details are provided at this time...

CVE-2017-14035

CrushFTP 8.x before 8.2.0 has a serialization vulnerability...