4742 matches found
CVE-2025-50900
An issue was discovered in getrebuild/rebuild 4.0.4. The affected source code class is com.rebuild.web.RebuildWebInterceptor, and the affected function is preHandle In the filter code, use CodecUtils.urlDecoderequest.getRequestURI to obtain the URL-decoded request path, and then determine whether...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from an integer overflow in the BMPv3 palette decoding function that could lead to remote code execution...
Linux Distros Unpatched Vulnerability : CVE-2018-1000050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sean Barrett stbvorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption,...
SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2215 SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-46407 SUMMARY A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library...
SAIL Image Decoding Library Targa RLE Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2220 SAIL Image Decoding Library Targa RLE Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-50129 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...
SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2216 SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-32468 SUMMARY A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...
SAIL Image Decoding Library WebP Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2224 SAIL Image Decoding Library WebP Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52456 SUMMARY A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...
SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2221 SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52930 SUMMARY A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version v0.9.8, which stems from a memory corruption in the PCX image decoding function that could lead to remote code execution...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from an integer overflow in the PSD image decoding function that could lead to remote code execution...
SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2219 SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53085 SUMMARY A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library...
PT-2025-34617 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PCX Image Decoding functionality of the library. Decoding image data from a crafted .pcx file can lead to a heap-based buffer overflow, potentially...
PT-2025-34621 · Unknown · Sail Image Decoding Library
Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library. Decoding image data from a crafted .tga file can lead to a heap-based buffer...
SAIL 安全漏洞
SAIL is an image decoding library from SAIL open source. A security vulnerability exists in SAIL version 0.9.8, which stems from a heap buffer overflow in the PSD RLE decoding function that could lead to remote code execution...
Linux Distros Unpatched Vulnerability : CVE-2019-10050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of...
SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2217 SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-35984 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to the failure to enforce INTEGER constraints in the UPER decoding process when the bound is positive and exceeds 32 bits. An attacker can cause the processing of incorrect or malicious input by supplying...
go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Summary Use of this library in a security-critical context may result in leaking sensitive information, if used to process sensitive fields. Details OpenBao and presumably HashiCorp Vault have surfaced error messages from mapstructure as follows:...
PT-2025-40880
Name of the Vulnerable Software and Affected Versions versions prior to 8.0 Description A crafted animation can trigger a use-after-free write during SANM decoding. This occurs when a STOR chunk is followed by an FOBJ chunk, and the frame has an invalid size. The code attempts to decode a frame...
Linux Distros Unpatched Vulnerability : CVE-2024-6162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises becau...