DNG File Fuzzer for Robustness

This Python script is a mutation-based fuzzing tool designed to test the robustness of DNG Digital Negative / TIFF-based file parsers by generating large numbers of corrupted or semi-valid image files. It works by starting from a minimal valid DNG structure, then applying random mutations to...

PT-2026-30638

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

Digilent DASYLab 安全漏洞

Digilent DASYLab is a graphical data acquisition and application development platform developed by Digilent, Inc. There is a security vulnerability in Digilent DASYLab, which stems from out-of-bound read operations when loading corrupted files. This vulnerability may lead to information leakage o...

Digilent DASYLab 安全漏洞

Digilent DASYLab is a graphical data acquisition and application development platform developed by Digilent, Inc. There is a security vulnerability in Digilent DASYLab, which stems from out-of-bound read operations when loading corrupted files. This vulnerability may lead to information leakage o...

Digilent DASYLab 安全漏洞

Digilent DASYLab is a graphical data acquisition and application development platform developed by Digilent, Inc. There is a security vulnerability in Digilent DASYLab, which stems from out-of-bound writing when loading corrupted files. This vulnerability may lead to information leakage or the...

CVE-2025-64469

There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile::FindRsrcListEntry when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially...

CVE-2025-64466

There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...

CVE-2025-64461

NI LabVIEW is affected by an out-of-bounds write in mgocre_SH_25_3!RevBL() when opening a corrupted VI file, impacting 2025 Q3 (25.3) and earlier. Exploitation requires a user to open a crafted VI and can lead to information disclosure or arbitrary code execution. A patch/update to a version late...

UBUNTU-CVE-2025-21830

In the Linux kernel, the following vulnerability has been resolved: landlock: Handle weird files A corrupted filesystem e.g. bcachefs might return weird files. Instead of throwing a warning and allowing access to such file, treat them as regular files...

Ongoing Phishing and Malware Campaigns in December 2024

Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats. Here's a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you. Zero-day...

How Attackers Use Corrupted Files to Slip Past Security

New zero-day attack bypasses antivirus, sandboxes, and spam filters using corrupted files. Learn how ANY.RUN’s sandbox detects and…...

PT-2023-5049 · Microsoft +1 · Visual Studio +2

Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Visual Studio, which can allow an attacker to execute arbitrary code. This can potentially lead to remote...

PT-2023-5048 · Microsoft +1 · Visual Studio +2

Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Visual Studio, allowing an attacker to execute arbitrary code. This can affect the system and potentially...

Apache Avro Denial of Service Vulnerability

Apache Avro is a data serialization system from the Apache Foundation, Inc. A denial of service vulnerability exists in versions of Apache Avro Rust prior to 0.14.0, which stems from an integer overflow when reading corrupted .avro files in the Avro Rust SDK, and can be exploited by an attacker t...

Apache Avro 输入验证错误漏洞

Apache Avro is a data serialization system from the Apache Foundation, Inc. A denial of service vulnerability exists in versions of Apache Avro Rust prior to 0.14.0, which stems from an integer overflow when reading corrupted .avro files in the Avro Rust SDK, and can be exploited by an attacker t...

PrestaShop cross-site scripting vulnerability (CNVD-2020-59046)

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A security vulnerability exists in PrestaShop version 1.5.0.0, prior to 1.7.6.8, whic...

Race condition

log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...

SUSE-SU-2019:2452-1 Security update for djvulibre

This update for djvulibre fixes the following issues: Security issues fixed: - CVE-2019-15142: Fixed heap-based buffer over-read bsc1146702. - CVE-2019-15143: Fixed resource exhaustion caused by corrupted image files bsc1146569. - CVE-2019-15144: Fixed denial-of-service caused by crafted PBM imag...

bzip2 -- multiple issues

bzip2 developers reports: CVE-2016-3189 - Fix use-after-free in bzip2recover Jakub Martisko CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files Albert Astals Cid. Found through fuzzing karchive...

Denial Of Service (DoS)

tika-parsers is vulnerable to denial of service DoS attacks. The vulnerability exists as parsing corrupted sqlite files can cause an infinite loop, causing DoS attacks...