9188 matches found
EUVD-2025-7097
Malicious code in bioql PyPI...
EUVD-2022-6699
Malicious code in bioql PyPI...
EUVD-2024-3213
Malicious code in bioql PyPI...
EUVD-2022-5752
Malicious code in bioql PyPI...
EUVD-2024-2325
Malicious code in bioql PyPI...
EUVD-2023-0709
Malicious code in bioql PyPI...
EUVD-2024-48458
Malicious code in bioql PyPI...
EUVD-2025-16774
Malicious code in bioql PyPI...
EUVD-2024-2917
Malicious code in bioql PyPI...
Unmasking Puppeteers: Leveraging Biometric Leakage to Disarm Impersonation in AI-Based Videoconferencing
AI-based talking-head videoconferencing systems reduce bandwidth by sending a compact pose-expression latent and re-synthesizing RGB at the receiver, but this latent can be puppeteered, letting an attacker hijack a victim's likeness in real time. Because every frame is synthetic, deepfake and...
The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.
...
A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer.
...
CVE-2025-43718
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...
CVE-2025-43718
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...
CVE-2025-43718
Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...
PT-2025-40292
Name of the Vulnerable Software and Affected Versions Poppler versions 24.06.1 through 25.04.0 Description The software is susceptible to a stack consumption issue leading to a SIGSEGV signal. This occurs when processing PDF documents containing deeply nested structures within their metadata, suc...
CLSA-2025-1759222758 ruby: Fix of 4 CVEs
CVE-2016-2337: Fix type confusion in canceleval Ruby's TclTkIp class method to prevent arbitrary code execution - CVE-2017-9224: Fix stack out-of-bounds read in matchat during regular expression searching - CVE-2017-9227: Fix stack out-of-bounds read in mbcenclen and invalid pointer dereference...
NewStart CGSL MAIN 6.06 : tcl Vulnerability (NS-SA-2025-0225)
The remote NewStart CGSL host, running version MAIN 6.06, has tcl packages installed that are affected by a vulnerability: - The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows...
Security Bulletin: Vulnerabilities in Angular might affect IBM Storage Defender Copy Data Management.
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Angular. Vulnerabilities include a large carefully-crafted input, which can result in catastrophic backtracking and Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser as...
Security Bulletin:IBM Event Streams is vulnerable to Regular Expression Denial of Service (ReDoS) ( CVE-2025-1302).
Summary IBM Event Streams is vulnerable to Regular Expression Denial of Service ReDoS caused by Inefficient Regular Expression Complexity. This issue affects JavaScript code that is compiled using certain versions of Babel . Babel is a JavaScript transcompiler used for converting modern JavaScrip...