DEBIAN-CVE-2023-53729

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAXLEN + 1. If a string is actually MAXLEN + 1 length, this wil...

CVE-2023-53729

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAXLEN + 1. If a string is actually MAXLEN + 1 length, this wil...

CVE-2023-53729 soc: qcom: qmi_encdec: Restrict string length in decode

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of qmi element info structures account for null terminated strings with MAXLEN + 1. If a string is actually MAXLEN + 1 length, this wil...

CVE-2023-53729

CVE-2023-53729 affects the Linux kernel’s QMI handling for Qualcomm (soc: qcom: qmi_encdec). The issue arises when decoding QMI TLV strings: the code accounts for null-terminated strings with MAX_LEN + 1, and if a string is actually MAX_LEN + 1, NULL termination leads to an out-of-bounds access. ...

CVE-2025-60751

GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...

CVE-2025-60751

GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...

UBUNTU-CVE-2025-60751

GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...

CVE-2025-60751

GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the lwsupngdecode function when the WSWITHUPNG flag is enabled during compilation and the HTML display stack is used. An attacker can cause a crash or potentially execute arbitrary code by enticing a user to visi...

JLSEC-2025-121 An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks chec...

An issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks check of the return value of avmalloc and will cause a null pointer dereference, impacting availability...

JLSEC-2025-118 adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return...

adtsdecodeextradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the initgetbits return value, which is a necessary step because the second argument to initgetbits can be crafted...

JLSEC-2025-124 An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote at...

An issue was discovered in decodeframe in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service DoS...

JLSEC-2025-133 A vulnerability was found in FFmpeg up to 7.0.1

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnmdecodeframe in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...

JLSEC-2025-122 A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of liba...

A null pointer dereference issue was discovered in 'FFmpeg' in decodemainheader function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformatnewstream and triggers the null pointer dereference error, causing an application to crash...

JLSEC-2025-111 decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in cal...

decodeframe in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations...

CVE-2025-60641

The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserializebase64decode$POST'mexcel', where $POST'mexcel' is user-controlled input. This input is decoded from base64 and deserialized without validation or use of the allowedclasses option, allowing an attacker to...

CVE-2025-60641

The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserializebase64decode$POST'mexcel', where $POST'mexcel' is user-controlled input. This input is decoded from base64 and deserialized without validation or use of the allowedclasses option, allowing an attacker to...

CVE-2025-62374

Parse Javascript SDK provides access to the powerful Parse Server backend from your JavaScript app. Prior to 7.0.0, injection of malicious payload allows attacker to remotely execute arbitrary code. ParseObject.fromJSON, ParseObject.pin, ParseObject.registerSubclass, ObjectStateMutations internal...

Parse Javascript SDK vulnerable to prototype pollution in `Parse.Object` and internal APIs

Summary Prototype pollution capabilities on various APIs. Details Injection of malicious payload allows attacker to remotely execute arbitrary code. Parse.Object and internal APIs are affected, specifically: - ParseObject.fromJSON - ParseObject.pin - ParseObject.registerSubclass -...

OSV-2025-834 Heap-buffer-overflow in std::__1::pair<int, arrow::util::RleBitPackedParser::ControlFlow> arrow::util::R

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=451150486 Crash type: Heap-buffer-overflow READ 3 Crash state: std::1::pair arrow::util::R arrow::util::RleBitPackedDecoder::GetBatch auto parquet::DictByteArrayDecoderImpl::DecodeArrowDense...