198 matches found

SUSE CVE
added 2025/10/05 2:56 a.m. | 4 views

SUSE CVE-2023-53560

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables. Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...

CVSS 5.5 | AI score 6.4 | EPSS 0.00139
Exploits 0 | References 19
OSV
added 2025/10/04 4:15 p.m. | 2 views

UBUNTU-CVE-2023-53560

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables. Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...

CVSS 7.8 | AI score 5.9 | EPSS 0.00139
Exploits 0 | References 10
Cvelist
added 2025/10/04 3:17 p.m. | 5 views

CVE-2023-53560 tracing/histograms: Add histograms to hist_vars if they have referenced variables

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to hist_vars if they have referenced variables. Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...

EPSS 0.00139
Exploits 0 | References 7
F5 Networks
added 2025/09/30 9:53 p.m. | 9 views

K000156725: Multiple ImageMagick vulnerabilities

Security Advisory Description CVE-2020-25663 A call to ConformPixelInfo in the SetImageAlphaChannel routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed or GetPixelBlue was called. This could occur if an attacker is able to submit ...

CVSS 6.1 | AI score 7 | EPSS 0.01172
Exploits 10
OSV
added 2025/09/25 6:3 p.m. | 6 views

CLSA-2025-1758823373 libtiff: Fix of 2 CVEs

CVE-2025-8176: fix use after free vulnerability in get_histogram function that prevents proper scanline reading and processing in tools/tiffmedian.c - CVE-2025-8177: fix array overflow in thumbnail generation that could cause buffer overflow when processing malformed TIFF files in tools/thumbnail....

CVSS 7.8 | AI score 6.6 | EPSS 0.00271
Exploits 2 | References 1
Tenable Nessus
added 2025/09/08 12:0 a.m. | 10 views

Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2025-1153)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1153 advisory. A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use...

CVSS 7.8 | AI score 5.3 | EPSS 0.00238
Exploits 1 | References 4
Amazon
added 2025/09/08 12:0 a.m. | 4 views

Medium: libtiff

Issue Overview: A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been...

CVSS 7.8 | AI score 6.5 | EPSS 0.00238
Exploits 1
Microsoft CVE
added 2025/09/04 9:22 a.m. | 5 views

LibTIFF tiffmedian.c get_histogram use after free

...

CVSS 7.8 | AI score 7 | EPSS 0.00238
Exploits 1
RedHat Linux
added 2025/09/02 5:24 a.m. | 7 views

postgresql: PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table

An access control bypass flaw has been discovered in PostgreSQL. The PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide...

CVSS 3.1 | AI score 7 | EPSS 0.00205
Exploits 0 | References 5
Tenable Nessus
added 2025/08/19 12:0 a.m. | 7 views

Amazon Linux 2 : libtiff (ALAS-2025-2965)

The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2965 advisory. A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the functi...

CVSS 7.8 | AI score 5.9 | EPSS 0.00271
Exploits 2 | References 6
OSV
added 2025/08/14 1:15 p.m. | 2 views

ALPINE-CVE-2025-8713

PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...

CVSS 3.1 | AI score 6.7 | EPSS 0.00205
Exploits 0 | References 1
Tenable Nessus
added 2025/08/14 12:0 a.m. | 11 views

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-1957)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: gpio: Restrict usage of GPIO chip irq members before initialization (CVE-2022-49072); mmc: core: use sysfs_emit instead of sprintf (CVE-2022-49267); ipv4:...

CVSS 7.8 | AI score 7.6 | EPSS 0.00275
Exploits 0 | References 47
Tenable Nessus
added 2025/08/10 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-8176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file...

CVSS 7.8 | AI score 5.3 | EPSS 0.00238
Exploits 1 | References 2
Veracode
added 2025/08/09 7:44 a.m. | 4 views

Use After Free

libtiff.so is vulnerable to Use After Free. The vulnerability is due to improper memory handling in the get_histogram function of tools/tiffmedian.c, which can be exploited locally to execute arbitrary code...

CVSS 7.8 | AI score 7.8 | EPSS 0.00238
Exploits 1 | References 8 | Affected Software 2
SUSE CVE
added 2025/07/28 11:31 p.m. | 3 views

SUSE CVE-2025-8176

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVSS 7.3 | AI score 5.3 | EPSS 0.00238
Exploits 1 | References 14
OSV
added 2025/07/26 4:16 a.m. | 8 views

AZL-65981 CVE-2025-8176 affecting package libtiff for versions less than 4.6.0-8

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been disclosed to the publi...

CVSS 7.8 | AI score 5.4 | EPSS 0.00238
Exploits 1 | References 1
Snyk
added 2025/07/26 3:32 a.m. | 2 views

Use After Free

Overview: Affected versions of this package are vulnerable to Use After Free in the get_histogram function when processing a specially crafted TIFF file. An attacker can cause memory corruption, causing a denial of service and potentially impacting confidentiality and integrity, by supplying a...

CVSS 7.8 | AI score 5.2 | EPSS 0.00238
Exploits 1 | References 3
CNNVD
added 2025/07/26 12:0 a.m. | 3 views

LibTIFF resource management error vulnerability

LibTIFF is an open source library for reading and writing TIFF (Tagged Image File Format) files. The library contains some command line tools for working with TIFF files. A resource management error vulnerability exists in LibTIFF version 4.7.0 and earlier, which stems from the existence of...

CVSS 7.8 | AI score 5.8 | EPSS 0.00238
Exploits 1 | References 7
Packet Storm News
added 2025/06/21 12:0 a.m. | 3 views

A Dual-Layer Image Encryption Framework Using Chaotic AES with Dynamic S-Boxes and Steganographic QR Codes

This paper presents a robust image encryption and key distribution framework that integrates an enhanced AES-128 algorithm with chaos theory and advanced steganographic techniques for dual-layer security. The encryption engine features a dynamic ShiftRows operation controlled by a logistic map,...

AI score 6.8
Exploits 0
CVE
added 2025/06/18 11:2 a.m. | 27 views

CVE-2022-50075

The CVE-2022-50075 entry concerns Linux kernel tracing/eprobes. A NULL pointer dereference can occur when a symbol "@" is used with an event probe, because eprobes previously did not handle data sources beyond main registers (e.g., immediate addresses, symbols, current task name). The issue is mi...

CVSS 5.5 | AI score 6.4 | EPSS 0.00154
Exploits 0 | References 3 | Affected Software 1