189 matches found
K000153097: Linux kernel vulnerability CVE-2024-50275
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state incorrectly, and a race with preemption can result in a task having TIFS...
LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file
A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...
CVE-2026-6238
The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...
CVE-2026-5435
The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...
EUVD-2026-26036
The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...
GNU C Library 缓冲区错误漏洞
The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.2 and later contain a buffer error vulnerability. This vulnerability stems from the nsprintrrf, nsprintrr, and fpnquery functions, which fai...
CVE-2026-34624
Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of thi...
SUSE CVE-2026-24450
An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2026-24450
A flaw was found in LibRaw. A remote attacker could exploit an integer overflow vulnerability by providing a specially crafted malicious file. This flaw, located in the uncompressedfpdngloadraw functionality, leads to a heap buffer overflow. Successful exploitation may result in arbitrary code...
CVE-2026-24450
An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
ROS-20260112-7312
A vulnerability in the qplibfp.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2025-23679
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Flourish Pixel FP RSS Category Excluder fp-rss-category-excluder allows Reflected XSS.This issue affects FP RSS Category Excluder: from n/a through = 1.0.0...
CVE-2025-14080
The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.5. This is due to missing authorization checks on the post update functionality in the fpsmlformprocess AJAX action. This makes it possible for...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the Vector.ReadFrom function. An attacker can cause excessive memory allocation and application crashes by providing maliciously crafted input data containing large length fields. This can result in denial of...
EUVD-2015-8590
Malware in sbrugna...
EUVD-2015-8589
Malware in sbrugna...
EUVD-2016-8046
Malware in sbrugna...
EUVD-2016-6304
Malware in sbrugna...