CVE-2026-54236

CVE-2026-54236 affects vLLM versions before 0.23.1rc0. Five code paths bypass the sanitize_message global exception handler, leaking heap addresses via exception messages: (1) Anthropic API router POST /v1/messages and POST /v1/messages/count_tokens (vllm/entrypoints/anthropic/api_router.py), (2)...

CVE-2026-22778

Summary of CVE-2026-22778 : A vulnerability in vLLM (0.8.3–0.14.0) lets an attacker send an invalid image to the multimodal endpoint, causing PIL to leak a heap address. This information disclosure can be chained with a heap overflow in the JPEG2000 decoder used by OpenCV/FFmpeg to achieve remote...

EUVD-2025-11957

Malicious code in bioql PyPI...

XSS Vulnerabilities in Search Functionality and Course Tags

Description 1. XSS via Image Error in Search Box: - This vulnerability allows an attacker to execute a Cross-Site Scripting XSS attack through the search functionality of the web application. When a user performs a search, the application attempts to display an image related to the search query...

PT-2024-20949 · Imlib2 +1 · Imlib2 +1

Name of the Vulnerable Software and Affected Versions: imlib2 version 1.9.1 Description: An issue in the imlib load image with error return function allows attackers to cause a heap buffer overflow via parsing a crafted image. Recommendations: For imlib2 version 1.9.1, consider disabling the imli...

GHSA-HR8G-F6R6-MR22 Buffer over-flow in Pillow

When reading a TGA file with RLE packets that cross scan lines, Pillow reads the information past the end of the first line without deducting that from the length of the remaining file data. This vulnerability was introduced in Pillow 9.1.0, and can cause a heap buffer overflow. Opening an image...

Outlook is unable to launch after Citrix UPM Hotfix ProfilemgtWX64_1912_3001 installation Error status 0xc0000428

After installing theCitrixHotfixProfilemgtWX6419123001, anerror is generated when opening Outlook: OUTLOOK.EXE : Bad Image C:\Program Files\Citrix\User Profile Manager\upmoutlookhook64.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the...

ALPINE-CVE-2019-13301

ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error...

PT-2019-2985 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.8-50 Q16 Description: The issue is related to memory leaks in the AcquireMagickMemory function due to an AnnotateImage error. It is also associated with the use of memory after it has been freed in components...

App Layering error "A failure occurred while publishing the Layered Image: "Failed scanning a directory for files” Alternate

When publishing an image the ELM gives an error, "A failure occurred while publishing the Layered Image: Failed scanning a directory for files."...

DEBIAN-CVE-2018-14048

An issue has been found in libpng 1.6.34. It is a SEGV in the function pngfreedata in png.c, related to the recommended error handling for pngreadimage...

Hot-add of Digest Enabled Disk Not Supported

The CachePoint Appliance could not create the boot image of Windows 10. Error is: Failed to reattach disks to the desktop that were temporarily attached to the CachePoint Appliance. In vSphere a vm reconfigure task displays, "Hot-add of digest enabled disk not supported"...

Cells Blog 3.3跨站脚本和SQL注入漏洞

No description provided by source. 1 Reflective XSS on 'msg=' PoC: http://localhost/cells-v3-3/errmsg.php?msg= %3C%2Fp%3E%3Cscript%3Ealert%28%27XSS%27%29%3B%3C%2Fscript%3E%3Cp%3E Vulnerable Code: + errmsg.php ? echo "img src='images/error.gif'"; if isset$GET"msg"$msg=$GET"msg";else$msg=""; if...

CVE-2004-0804

Vulnerability in tifdirread.c for libtiff allows remote attackers to cause a denial of service application crash via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452...