357 matches found
CVE-2025-7426 MINOVA TTA Information Disclosure and Credential Exposure
Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of...
PT-2025-34601 · Unknown · Minova Tta
Name of the Vulnerable Software and Affected Versions: MINOVA TTA version 11.17.0 Description: The MINOVA TTA service exposes authentication FTP credentials through debug port 1604, allowing unauthenticated remote access to active FTP accounts containing sensitive internal data and import...
Linux Distros Unpatched Vulnerability : CVE-2018-17436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ReadCode in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service invalid write access via a crafted HDF5 file. This...
Denial Of Service (DoS)
SixLabors.ImageSharp is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of malformed GIF comment extension blocks due to a missing block terminator, causing the GIF decoder to enter an infinite loop when processing specially crafted files...
IrfanView CADImage Plugin Buffer Overflow Vulnerability (CNVD-2025-17026)
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DXF files, which can be exploited by an attacker to execute code in the context of the current...
IrfanView CADImage Plugin Buffer Overflow Vulnerability (CNVD-2025-17061)
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user data when parsing DXF files, which can be exploited by an attacker to execute code in the context of the current process...
CVE-2025-7320
IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in its ability to copy buffers without checking the size of the input data. This allows attackers to execute arbitrary code.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the copying of buffers without checking the size of the input data when processing GIF files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2025-6199
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...
CVE-2004-2668
SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2024-11566
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...
Giflib 安全漏洞
Giflib is a library and utility program for processing GIFs from the Giflib open source. A security vulnerability exists in Giflib version v5.2.2 that stems from vulnerability to heap buffer overflow attacks...
The vulnerability of ImageSharp’s 2D graphics library decoder allows a hacker to induce a service failure.
The vulnerability of the ImageSharp 2D graphics library decoder is related to uncontrolled memory allocation during the processing of GIF and JPEG files. Exploiting this vulnerability can allow an attacker to cause service interruptions...
Moderate: Red Hat Security Advisory: protobuf security update
An update for protobuf is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : protobuf (RHSA-2024:3433)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3433 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...
CVE-2023-37331
Kofax Power PDF GIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...
The vulnerability in the file src/gif.imageio/gifinput.cpp of the OpenImageIO image processing library allows a attacker to cause a service failure.
The vulnerability in the src/gif.imageio/gifinput.cpp file of the OpenImageIO library relates to the ability to write beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
Fedora: Security Advisory for liblas (FEDORA-2024-ef8c8a8b37)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
XAO-Web 安全漏洞
XAO-Web is part of the XAO suite of open source web services. It allows dynamic web content to be built using data, templates and external input. A security vulnerability exists in XAO-Web versions prior to 1.84, which stems from the XAO Web module incorrectly handling JSON output characters duri...