OpenBao 安全漏洞

OpenBao is an open-source sensitive data management software developed by OpenBao. Versions of OpenBao prior to 2.5.3 contained security vulnerabilities. These vulnerabilities stemmed from the ExtractPluginFromImage function in the OCI plugin downloader, which did not limit the number of bytes...

Semtech LR11xx LoRa 安全漏洞

Semtech LR11xx LoRa is a series of low-power wireless communication chips developed by the American company Semtech. The Semtech LR11xx LoRa device has a security vulnerability, which stems from the use of non-standard encryption hash algorithms that are vulnerable to secondary image attacks. Thi...

PT-2026-4852

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.10 through 6.19 Description An out-of-bounds read exists in the Linux kernel's H.323 connection tracking parser within the nf conntrack h323 module. The issue occurs in the decode int function during the CONS case...

CVE-2025-12006

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

CVE-2026-22600 OpenProject is Vulnerable to Arbitrary File Read via ImageMagick SVG Coder

OpenProject is an open-source, web-based project management software. A Local File Read LFR vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file disguised as a PNG as a work package attachment, an...

EUVD-2016-5623

Malware in sbrugna...

EUVD-2019-3147

Malware in sbrugna...

EUVD-2019-4652

Malware in sbrugna...

EUVD-2019-6208

Malware in sbrugna...

EUVD-2017-5952

Malware in sbrugna...

EUVD-2018-18917

Malware in sbrugna...

EUVD-2025-16999

Malicious code in bioql PyPI...

EUVD-2025-18685

Malicious code in bioql PyPI...

EUVD-2025-30206

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-8686

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bmnew function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failur...

Linux Distros Unpatched Vulnerability : CVE-2019-13111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service large heap allocation followed by a very long...

UBUNTU-CVE-2023-3576

A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, eventually leading to a denia...

Vulnerabilities fixed in Microsoft Paint3D

Microsoft has fixed vulnerabilities in Paint3D. The vulnerabilities allow a malicious person to execute arbitrary execute code with user privileges. The malicious must do so to trick the victim into opening a rogue image. open. Paint3D comes installed by default, but maintained through the...

Blank Image Attack: Blank Images Used to Evade Anti-Malware Checks

By Deeba Ahmed The Blank Image Attack also bypasses VirusTotal detection. This is a post from HackRead.com Read the original post: Blank Image Attack: Blank Images Used to Evade Anti-Malware Checks...

Verifying criteria is prone to known merkle proof attacks

Lines of code Vulnerability details The Merkle hash root does not indicate the tree depth, enabling a second-preimage attack in which an attacker creates a document other than the original that has the same Merkle hash root. For the example above, an attacker can create a new document containing...