7700 matches found

OSV
added 2025/08/26 4:19 p.m., 2 views

GHSA-8MVJ-3J78-4QMW jsPDF Denial of Service (DoS)

Impact: User control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG file that results in high CPU utilization and denial of...

CVSS 8.7, AI score 6.7, EPSS 0.00264
Exploits: 1, References: 6
NVD
added 2025/08/26 2:15 p.m., 2 views

CVE-2025-8424

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access...

CVSS 8.7, EPSS 0.00328
Exploits: 0, References: 1
NVD
added 2025/08/26 1:15 p.m., 6 views

CVE-2025-7775

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server OR NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS...

CVSS 9.8, EPSS 0.0779
Exploits: 2, References: 2
OSV
added 2025/08/26 1:15 p.m., 1 views

CVE-2025-7775

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server OR NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS...

CVSS 9.8, AI score 6, EPSS 0.0779
Exploits: 2, References: 2
Vulnrichment
added 2025/08/26 1:11 p.m., 1 views

CVE-2025-8424 Improper access control on the NetScaler Management Interface

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access...

CVSS 8.7, AI score 7, EPSS 0.00328
Exploits: 0, References: 1
Cvelist
added 2025/08/26 12:56 p.m., 12 views

CVE-2025-7775 Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server OR NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS...

CVSS 9.2, EPSS 0.0779
Exploits: 2, References: 1
Tenable Nessus
added 2025/08/26 12:00 a.m., 4 views

Alibaba Cloud Linux 3 : 0139: gdk-pixbuf2 (ALINUX3-SA-2025:0139)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0139 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-7345: A flaw exists in gdkpixbuf within th...

CVSS 7.5, AI score 7.9, EPSS 0.00938
Exploits: 0, References: 2
Tenable Nessus
added 2025/08/26 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-13092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scikit-learn aka sklearn through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load function, if reduce makes ...

CVSS 9.8, AI score 8.3, EPSS 0.00883
Exploits: 1, References: 2
Positive Technologies
added 2025/08/26 12:00 a.m., 1 views

PT-2025-34787 · Jspdf · Jspdf

Name of the Vulnerable Software and Affected Versions: jsPDF versions prior to 3.0.2 Description: jsPDF is a JavaScript library used to generate PDFs. Prior to version 3.0.2, user control over the first argument of the addImage method can lead to high CPU utilization and denial of service...

CVSS 8.7, AI score 7.1, EPSS 0.00264
Exploits: 1, References: 12
OSV
added 2025/08/25 3:15 p.m., 3 views

CVE-2024-46413

Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex method...

CVSS 5.1, AI score 7.3
Exploits: 0, References: 2
Cvelist
added 2025/08/25 12:00 a.m., 6 views

CVE-2024-46413

Rebuild v3.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex method...

EPSS 0.00041
Exploits: 1, References: 2
Tenable Nessus
added 2025/08/25 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2019-14524

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Schism Tracker through 20190722. There is a heap-based buffer overflow via a large number of song patterns in fmtmtmloadsong in...

CVSS 7.8, AI score 7.3, EPSS 0.00486
Exploits: 1, References: 2
CVE
added 2025/08/25 12:00 a.m., 12 views

CVE-2024-46413

CVE-2024-46413 concerns Rebuild v3.7.7, where the SSRF vulnerability is triggered via the type parameter in the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex function. The issue originates in the RBStoreController loadDataIndex path and exposes the system to server-side requests t...

CVSS 5.1, AI score 7.6, EPSS 0.00041
Exploits: 1, References: 2, Affected Software: 1
Tenable Nessus
added 2025/08/25 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2016-6612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. A user can exploit the LOAD LOCAL INFILE functionality to expose files on the server to the database system. All 4.6.x...

CVSS 6.5, AI score 7.4, EPSS 0.00324
Exploits: 0, References: 2
CNNVD
added 2025/08/25 12:00 a.m., 1 views

Rebuild Security Vulnerability

Rebuild is a highly customizable enterprise management system from getrebuild open source. A security vulnerability exists in Rebuild version v3.7.7, which stems from a server-side request forgery in the type parameter of the com.rebuild.web.admin.rbstore.RBStoreController#loadDataIndex method...

CVSS 5.1, AI score 6.8, EPSS 0.00041
Exploits: 1, References: 3
Tenable Nessus
added 2025/08/24 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-2376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the Safari component. It allo...

CVSS 7.5, AI score 7.7, EPSS 0.004
Exploits: 0, References: 2
Tenable Nessus
added 2025/08/24 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-5052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists when loading a PCX file in SDL2image 2.0.4. A specially crafted file can cause an integer overflow, resulti...

CVSS 8.8, AI score 8.4, EPSS 0.01512
Exploits: 1, References: 2
Tenable Nessus
added 2025/08/24 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2014-3539

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - base/oi/doa.py in the Rope library in CPython aka Python allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load...

CVSS 9.8, AI score 8.4, EPSS 0.0228
Exploits: 0, References: 2
Tenable Nessus
added 2025/08/24 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2017-6960

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the loadapng function and the...

CVSS 7.5, AI score 7.3, EPSS 0.00358
Exploits: 0, References: 2
Rapid7 Blog
added 2025/08/22 6:38 p.m., 3 views

Metasploit Weekly Wrap-Up 08/22/2025

An Early Festivus Airing of Grievances Want to tell us how much you like us? We hope! Want to tell us how much you hate us? We hope not! We are somewhat familiar with the reclusive security expert lifestyle, as it is our own, but we are asking our users and non-users to steel themselves and take ...

CVSS 8.8, AI score 8.6, EPSS 0.00576
Exploits: 15