Virtuozzo Hybrid Server 7.5 Update 7 Hotfix 3 (7.5.7-176)

The Hotfix 3 for Virtuozzo Hybrid Server 7.5 Update 7 provides fixes for the c2v-convert tool and VirtIO SCSI controllers. Vulnerability id: PSBM-160763 Fixed an issue where the c2v-convert tool failed to convert a container if one of its disks did not have a mount point specified in the source...

Fedora 40 : libheif (2025-666aaa6a0d)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-666aaa6a0d advisory. Latest upstream release. It adds support for tiles and fixes reading images generated by iOS 18+. See https://github.com/strukturag/libheif/releases for more...

Virtuozzo Hybrid Server 7.5 Update 7 Hotfix 2 (7.5.7-167)

The Hotfix 2 for Virtuozzo Hybrid Server 7.5 Update 7 provides fixes for the c2v-convert tool. Vulnerability id: PSBM-159914 c2v-convert could fail if the container's template does not match the distribution installed in the container due to actions like Ubuntu's apt dist-upgrade or apt...

CVE-2024-5979

In h2oai/h2o-3 version 3.46.0, the runtool command in the rapids component allows the main function of any class under the water.tools namespace to be called. One such class, MojoConvertTool, crashes the server when invoked with an invalid argument, causing a denial of service...

Pytorch-Lightning Code Issue Vulnerability

Pytorch-Lightning is an open source lightweight PyTorch wrapper open-sourced by Lightning AI in the US. Used for high performance Ai research. A code issue vulnerability exists in Pytorch-Lightning version v2.2.4, which stems from the runtool command in the rapids component that allows the main...

SUSE CVE-2017-11537

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception FPE in the WritePALMImage function in coders/palm.c, related to an incorrect bits-per-pixel calculation...

DEBIAN-CVE-2022-44267

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image e.g., for resize, the convert process could be left waiting for stdin input...

UBUNTU-CVE-2017-11539

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the ReadOnePNGImage function in coders/png.c...

DEBIAN-CVE-2017-11534

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the litefontmap function in coders/wmf.c...

UBUNTU-CVE-2017-11537

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Floating Point Exception FPE in the WritePALMImage function in coders/palm.c, related to an incorrect bits-per-pixel calculation...

DEBIAN-CVE-2016-7407

The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file...

PT-2016-7555 · Imagemagick +2 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick affected versions not specified Description: An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagick's convert utility. A crafted TIFF document can lead to an out of bounds write, which i...

discuz!某自带工具可拿shell

简要描述： discuz!某自带工具，由于使用不当，可以造成webshell。 而且经过调查，使用者数量较大。 详细说明： discuz! 安装包中会自带一个转换工具 convert 这个工具由于存在安全问题，可以拿shell 一般存在网站目录 convert 或 utility/convert 而且经过调查，使用数量还是很大的。 使用前题是data目录可写，这也是这个工具的使用前题。 分析： 文件： utility\convert\include\doconfig.inc.php 中 保存配置，跟踪到saveconfigfile...