Lucene search
K

357 matches found

Vulnrichment
Vulnrichment
added 2025/08/25 8:52 a.m.3 views

CVE-2025-7426 MINOVA TTA Information Disclosure and Credential Exposure

Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of...

9.3CVSS7.2AI score0.00343EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/25 12:0 a.m.6 views

PT-2025-34601 · Unknown · Minova Tta

Name of the Vulnerable Software and Affected Versions: MINOVA TTA version 11.17.0 Description: The MINOVA TTA service exposes authentication FTP credentials through debug port 1604, allowing unauthenticated remote access to active FTP accounts containing sensitive internal data and import...

9.3CVSS6.7AI score0.00343EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-17436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ReadCode in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service invalid write access via a crafted HDF5 file. This...

6.5CVSS7AI score0.01312EPSS
Exploits1References3
Veracode
Veracode
added 2025/08/13 7:37 a.m.7 views

Denial Of Service (DoS)

SixLabors.ImageSharp is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of malformed GIF comment extension blocks due to a missing block terminator, causing the GIF decoder to enter an infinite loop when processing specially crafted files...

5.3CVSS7AI score0.00378EPSS
Exploits0References6Affected Software1
CNVD
CNVD
added 2025/07/25 12:0 a.m.4 views

IrfanView CADImage Plugin Buffer Overflow Vulnerability (CNVD-2025-17026)

IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing DXF files, which can be exploited by an attacker to execute code in the context of the current...

7.8CVSS7.8AI score0.00225EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/23 12:0 a.m.2 views

IrfanView CADImage Plugin Buffer Overflow Vulnerability (CNVD-2025-17061)

IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user data when parsing DXF files, which can be exploited by an attacker to execute code in the context of the current process...

7.8CVSS7.7AI score0.0022EPSS
Exploits0References1
OSV
OSV
added 2025/07/21 8:15 p.m.3 views

CVE-2025-7320

IrfanView CADImage Plugin DXF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

7.8CVSS6.3AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.11 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/08 12:0 a.m.9 views

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in its ability to copy buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing functionality lies in the copying of buffers without checking the size of the input data when processing GIF files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.00257EPSS
Exploits0References5Affected Software3
ATTACKERKB
ATTACKERKB
added 2025/06/17 2:30 p.m.2 views

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3CVSS6.8AI score0.00149EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/21 9:32 p.m.5 views

CVE-2004-2668

SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors...

7.5CVSS8.8AI score0.01001EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 9:15 p.m.4 views

CVE-2024-11566

IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

7.8CVSS7.5AI score0.00421EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/30 12:0 a.m.3 views

Giflib 安全漏洞

Giflib is a library and utility program for processing GIFs from the Giflib open source. A security vulnerability exists in Giflib version v5.2.2 that stems from vulnerability to heap buffer overflow attacks...

6.5CVSS6.8AI score0.00438EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.7 views

The vulnerability of ImageSharp’s 2D graphics library decoder allows a hacker to induce a service failure.

The vulnerability of the ImageSharp 2D graphics library decoder is related to uncontrolled memory allocation during the processing of GIF and JPEG files. Exploiting this vulnerability can allow an attacker to cause service interruptions...

5.3CVSS5.5AI score0.00774EPSS
Exploits0References11Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/28 2:30 p.m.65 views

Moderate: Red Hat Security Advisory: protobuf security update

An update for protobuf is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.5CVSS6.6AI score0.0266EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/28 12:0 a.m.27 views

RHEL 8 : protobuf (RHSA-2024:3433)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3433 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...

6.5CVSS6.6AI score0.0266EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.6 views

CVE-2023-37331

Kofax Power PDF GIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS7.7AI score0.00267EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/04/09 12:0 a.m.10 views

The vulnerability in the file src/gif.imageio/gifinput.cpp of the OpenImageIO image processing library allows a attacker to cause a service failure.

The vulnerability in the src/gif.imageio/gifinput.cpp file of the OpenImageIO library relates to the ability to write beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS7.4AI score0.0119EPSS
Exploits1References7Affected Software4
OpenVAS
OpenVAS
added 2024/03/25 12:0 a.m.11 views

Fedora: Security Advisory for liblas (FEDORA-2024-ef8c8a8b37)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.01158EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/03/24 12:0 a.m.3 views

XAO-Web 安全漏洞

XAO-Web is part of the XAO suite of open source web services. It allows dynamic web content to be built using data, templates and external input. A security vulnerability exists in XAO-Web versions prior to 1.84, which stems from the XAO Web module incorrectly handling JSON output characters duri...

5.4CVSS6.6AI score0.00339EPSS
Exploits0References3
Rows per page
Query Builder