curl: Heap buffer overflow in Curl_ipv4_resolve_r due to incorrect buffer alignment and size calculation on AmigaOS

Summary: A heap-based buffer overflow exists in the AmigaOS-specific DNS resolution function Curlipv4resolver located in lib/amigaos.c. The function uses gethostbynamer with a fixed-size heap buffer CURLHOSTENTSIZE and performs incorrect pointer arithmetic when calculating the data buffer offset...

CVE-2025-33210

NVIDIA Isaac Lab contains a deserialization vulnerability. A successful exploit of this vulnerability might lead to code execution...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from an out-of-bounds write when parsing a specially crafted MODEL file, which could result in a crash, data corruption, or execution of arbitrary code in the...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from an out-of-bounds read when parsing a specially crafted SLDPRT file, which could result in a crash, read sensitive data, or execute arbitrary code in the...

CVE-2025-9459 SLDPRT File Parsing Out-of-Bounds Read Vulnerability

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVE-2025-14265

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...

libbiosig 安全漏洞

libbiosig is an open source software library for biomedical signal processing open source by BioSig Project. It has biosignal analysis capabilities. A security vulnerability exists in libbiosig version 3.9.1, which stems from a stack buffer overflow in the MFER parsing function that could lead to...

CVE-2025-67488

SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...

CVE-2025-14087

A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...

Dotclear 代码问题漏洞

Dotclear is an open source blog publishing application from Dotclear Open Source. A code issue vulnerability exists in Dotclear version 2.29, which originates from an authenticated user being able to upload a malicious PHP file via the media upload feature, potentially leading to remote code...

CVE-2025-14333 Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146

Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

[SECURITY] [DLA 4396-1] libpng1.6 security update

Debian LTS Advisory DLA-4396-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost December 07, 2025 https://wiki.debian.org/LTS Package : libpng1.6 Version : 1.6.37-3+deb11u1 CVE ID : CVE-2025-64505 CVE-2025-64506 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 Debian Bug ...

[SECURITY] [DSA 6072-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6072-1 [email protected] https://www.debian.org/security/ Andres Salomon December 04, 2025 https://www.debian.org/security/faq -...

xorg: xmayland: Use-after-free in XPresentNotify structure creation

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

PT-2025-48978

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 1.0.93 Description Claude Code is an agentic coding tool. Prior to version 1.0.93, errors in parsing shell commands related to $IFS and short CLI flags allowed bypassing the read-only validation, potentially leadi...

Advisory ROSA-SA-2025-3100

Software: PackageKit 1.1.12 OS: ROSA Virtualization 2.1 packageevrstring: PackageKit-1.1.12-7.0.1.rv3 CVE-ID: CVE-2024-0217 BDU-ID: None CVE-Crit: LOW CVE-DESC.: A use-after-free vulnerability in PackageKitd allows an attacker to access freed memory and potentially execute arbitrary code...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the kissfftalloc function when the nfft parameter is not properly validated before being used in a size calculation. An attacker can cause a heap buffer overflow by supplying a large value for nfft on...

Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-48795 CVE-2025-48913)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities Vulnerability Details CVEID:CVE-2025-48795 DESCRIPTION: Apache CXF stores large stream based messages as temporary files on the local filesystem. A bug was introduced which means that the...

CVE-2025-66266

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...

JLSEC-2025-237 In libarchive before 3.6.2, the software does not check for an error after calling calloc function t...

In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the...