cpython: python: CPython DecodeError Handling Vulnerability

A vulnerability has been identified in CPython's bytes.decode function when used with the "unicodeescape" encoding and the "ignore" or "replace" error handling modes. This flaw can result in the incorrect decoding of byte strings. While this may not directly lead to traditional security breaches...

Mozilla Firefox ESR < 17.0.5

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 17.0.5. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-40 advisory. - CERTDecodeCertPackage reads bytes outside the input bufferCVE-2013-0791 CVE-2013-0791 Note that Nessus has not...

Mozilla Thunderbird ESR < 17.0.5

The version of Thunderbird ESR installed on the remote macOS or Mac OS X host is prior to 17.0.5. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-40 advisory. - CERTDecodeCertPackage reads bytes outside the input bufferCVE-2013-0791 CVE-2013-0791 Note that Nessus has n...

Mozilla Firefox ESR < 17.0.5

The version of Firefox ESR installed on the remote Windows host is prior to 17.0.5. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-40 advisory. - CERTDecodeCertPackage reads bytes outside the input bufferCVE-2013-0791 CVE-2013-0791 Note that Nessus has not tested for...

CVE-2025-48429

An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability...

kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL

In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL OPDESC simply indexes into nfsd4ops by the op's operation number, without range checking that value. It assumes callers are careful to avoid calling it with an out-of-bounds...

CVE-2025-48429

An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-48429

An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-68259 KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard the exception and retry the instruction if the code stream is changed...

Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2214 Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-48429 SUMMARY An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially...

PT-2025-51785

Name of the Vulnerable Software and Affected Versions Grassroot DICOM version 3.024 Description A flaw exists in the RLECodec::DecodeByStreams functionality that can lead to a heap data leak. A specially crafted DICOM file can trigger this issue. An attacker can provide a malicious file to exploi...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-38077 - MadLicense !Pythonhttps://img.shields.i...

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the Decode function which runs pickle.loadsdecoded without isolation. An attacker can execute arbitrary code or manipulate application data by providing crafted serialized input. Details Serializati...

Denial-of-service (DoS)

pypdf is vulnerable to a Denial-of-service DoS. The vulnerability is due to improper handling of inline images using the DCTDecode filter during PDF content stream parsing, which allows an attacker to craft a malicious PDF that triggers an infinite loop and causes CPU exhaustion...

Uncontrolled Memory Allocation

pypdf is vulnerable to uncontrolled memory allocation. The vulnerability is due to improper handling of LZWDecode streams, which allows an attacker to craft a malicious PDF that causes excessive memory consumption up to 1 GB per stream during content parsing...

FreeBSD : www/varnish-libvmod-digest -- base64 decoding vulnerability (64bec4c7-d785-11f0-a1c0-0050569f0b83)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 64bec4c7-d785-11f0-a1c0-0050569f0b83 advisory. varnish developers report: Common usage of vmod-digest is for basic HTTP authentication, in which case ...

CVE-2025-36924

In ssDecodeLcsAssistDataReqMsgvoid of ssLcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-36924

In ssDecodeLcsAssistDataReqMsgvoid of ssLcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-36924

In ssDecodeLcsAssistDataReqMsgvoid of ssLcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-36924

CVE-2025-36924 describes an out-of-bounds write in ss_DecodeLcsAssistDataReqMsg() within ss_LcsManagement.c due to an incorrect bounds check. The impact is remote escalation of privilege with no additional execution privileges needed and no user interaction required. Connected sources include And...