EUVD-2023-55071
Malicious code in bioql PyPI...
K000156684: Multiple ImageMagick vulnerabilities
Security Advisory Description CVE-2015-8900 The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file. CVE-2015-8901 ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial o...
K000156683: Multiple ImageMagick vulnerabilities
Security Advisory Description CVE-2014-9828 coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. CVE-2014-9829 coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file...
CLSA-2025-1757663183 gimp: Fix of CVE-2023-44441
CVE-2023-44441: fix heap-based buffer overflow vulnerability in DDS file parsing...
Linux Distros Unpatched Vulnerability : CVE-2020-18735
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow in /src/ddsstream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash. CVE-2020-18735 Note that Nessus...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gimp (SUSE-SU-2025:03075-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03075-1 advisory. - CVE-2025-2760: lack of proper validation of user-supplied data in DDS parser can lead to integer...
Security update for gimp
This update for gimp fixes the following issues: CVE-2025-2760: lack of proper validation of user-supplied data in DDS parser can lead to integer overflow and remote code execution bsc1241690. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Linux Distros Unpatched Vulnerability : CVE-2023-39945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and...
Linux Distros Unpatched Vulnerability : CVE-2023-39948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the...
Linux Distros Unpatched Vulnerability : CVE-2023-39534
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, ...
Linux Distros Unpatched Vulnerability : CVE-2023-42459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). In affected versions specific DATA submessage...
Linux Distros Unpatched Vulnerability : CVE-2022-41999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. A...
Malicious code in dds-ddw_spa_libs_primeng (npm)
The package dds-ddw_spa_libs_primeng was found to contain malicious code...
MAL-2025-18119 Malicious code in dds-ddw_spa_libs_primeng (npm)
The package dds-ddw_spa_libs_primeng was found to contain malicious code...
CVE-2025-30098
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an ...
CVE-2025-48379
A flaw was found in python-pillow. The Pillow library exhibits a heap buffer overflow when writing DDS images larger than 64KB, resulting from a missing bounds check during buffer allocation. This flaw allows a local attacker to trigger the overflow by providing a maliciously crafted DDS image...
Heap Based Buffer Overflow
Pillow is vulnerable to heap-based buffer overflow. The vulnerability is due to writing into a buffer without checking for available space when saving a large 64k image in DDS format, which allows an attacker to trigger a heap buffer overflow by tricking the application into processing malicious...
BIT-PILLOW-2025-48379 Pillow Vulnerable to Write Buffer Overflow on BCn encoding
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large 64k encoded with default settings image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save...
Python Library Pillow 11.2.x < 11.3.0 Write Buffer Overflow
The detected version of the Pillow Python package, Pillow, is 11.2.x prior to 11.3.0. It is, therefore, affected by a write buffer overflow vulnerability. There is a heap buffer overflow when writing a sufficiently large 64k encoded with default settings image in the DDS format due to writing int...
SUSE CVE-2025-48379
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large 64k encoded with default settings image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save...