Lucene search
K

3688 matches found

NVD
NVD
added 2026/06/10 2:16 p.m.14 views

CVE-2025-71329

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS0.0043EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/06/10 1:4 p.m.9 views

CVE-2025-71329 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS5.8AI score0.0043EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/10 1:4 p.m.14 views

EUVD-2025-210106

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS5.8AI score0.0043EPSS
Exploits1References3
CVE
CVE
added 2026/06/10 1:4 p.m.64 views

CVE-2025-71329

The CVE-2025-71329 vulnerability affects image-size up to version 2.0.2 and is triggered by a crafted image buffer containing a zero-valued size field in a recognized box-type, causing an infinite loop in the JXL or HEIF parsers and permanently blocking the Node.js event loop (DoS). Impact is den...

8.7CVSS5.8AI score0.0043EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/10 1:4 p.m.41 views

CVE-2025-71329 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS0.0043EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.8 views

CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6.5CVSS5.5AI score0.00345EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.18 views

PT-2026-48403

Name of the Vulnerable Software and Affected Versions image-size versions prior to 2.0.3 Description A denial of service issue exists where remote attackers can permanently block the Node.js event loop. By supplying a specially crafted image buffer containing a box-type with a zero-valued size...

8.7CVSS5.5AI score0.0043EPSS
Exploits1References8
NVD
NVD
added 2026/06/09 9:17 p.m.17 views

CVE-2025-71319

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS0.00625EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/06/09 7:57 p.m.9 views

CVE-2025-71319 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser

image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...

8.7CVSS5.8AI score0.00625EPSS
Exploits1References3
OSV
OSV
added 2026/06/09 7:17 p.m.10 views

DEBIAN-CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6.5CVSS5.5AI score0.00345EPSS
Exploits1References1
NVD
NVD
added 2026/06/09 7:17 p.m.10 views

CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6.5CVSS0.00345EPSS
Exploits1References2
OSV
OSV
added 2026/06/09 7:17 p.m.5 views

UBUNTU-CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6.5CVSS5.3AI score0.00345EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2026/06/09 5:7 a.m.68 views

HTB-TwoMillion-Exploit

HTB-TwoMillion-Exploit Importante: Esto NO es un writeu...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.8 views

MemVenom: Triggered Poisoning of Multimodal Memories in Web Agents

External memory has become a core component of modern web agents, enabling long-horizon reasoning through the retrieval of past experiences. However, this paradigm introduces a critical vulnerability: malicious content injected into memory can be persistently recalled and repeatedly influence age...

5.4AI score
Exploits0
CVE
CVE
added 2026/06/09 12:0 a.m.17 views

CVE-2025-55659

CVE-2025-55659 describes a NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4. The underlying issue in the MP4 container code allows an attacker to trigger a denial-of-service by feeding a crafted MP4 file. The available sources confirm the vuln...

6.5CVSS5.5AI score0.00345EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.9 views

CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5AI score0.00345EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.9 views

Assessing Automated Prompt Injection Attacks in Agentic Environments

Indirect prompt injection poses a critical threat to LLM agents that interact with untrusted external data, yet automated attack methods--proven effective for jailbreaking--remain underexplored in realistic agentic settings. We present a comprehensive empirical evaluation of automated prompt...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-48162

🚨 CVE-2025-55659 A NULL pointer dereference in the ctts box write function isomedia/box code base.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file. 🎖@cveNotify...

6.5CVSS5.3AI score0.00345EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/06/09 12:0 a.m.9 views

CVE-2025-55659

A NULL pointer dereference in the cttsboxwrite function isomedia/boxcodebase.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

6.5CVSS5.5AI score0.00345EPSS
Exploits1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

GPAC MP4Box 代码问题漏洞

GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a code vulnerability cause...

6.5CVSS5.3AI score0.00345EPSS
Exploits1References1
Rows per page
Query Builder