CVE-2026-6604

A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function parseurl/prepareimage/openaiaudiototext of the file src/agentscope/tool/multimodality/openaitools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument...

EUVD-2015-3789

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2015-3753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint...

CVE-2020-12248

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled...

Heap overflow

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled...

CVE-2020-12248

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled...

PT-2019-12726 · Outsystems · Outsystems Platform

Name of the Vulnerable Software and Affected Versions: OutSystems Platform versions 10 through 11 Description: The issue allows for CSRF attacks on ImageResourceDetail.aspx, potentially leading to content modifications and file uploads. It is noted that the product is self-hosted by the customer...

Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File

Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File We have encountered a Windows kernel crash in nt!MiOffsetToProtos while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE |...

The vulnerability of the ParseImageResourceBlocks function in the cross-platform library for working with ImageMagick graphics allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the ParseImageResourceBlocks function “coders/psd.c” in the cross-platform library for working with ImageMagick is related to reading beyond the allowable memory limit due to buffer overflow. Exploiting this vulnerability can allow an attacker to cause service failures or...

PT-2018-3205 · Imagemagick +2 · Imagemagick +2

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8 through 7.0.11 Description: The issue is caused by a heap-based buffer over-read in the PushShortPixel function, located in MagickCore/quantum-private.h, which can be exploited by a remote attacker to execute...

Non-Exploitable Security Issues

Invalid Code The following code was found in the XOOPS project. User input is saved in the variable $filter and then used in a call to eval - a security nightmare. image.php 301 302 303 $filter = isset$GETfilter ? $GETfilter : false; $destinationimage = imagecreatetruecolor$tnwidth, $tnheight;...

acroread: multiple code execution flaws (APSB11-24)

Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors...