10276 matches found
executorch security vulnerability
executorch is an open-source PyTorch deployment tool from pytorch. A security vulnerability exists in executorch that stems from out-of-bounds access when loading a model, which could lead to a crash or code execution...
ALSA-2025:13315 Moderate: gdk-pixbuf2 security update
The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: Heap-buffer-overflow in gdk-pixbuf (CVE-2025-7345). For more details about the security issues,...
python-cryptography: NULL-dereference when loading PKCS7 certificates
A null-pointer dereference vulnerability was found in python-cryptography during the loading of PKCS7 certificates. Invoking `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` can trigger this issue and lead to a subsequent segmentation fault, resulting in a Denial of Service (DoS) for any...
Linux Distros Unpatched Vulnerability : CVE-2022-49753
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - dmaengine: Fix double increment of client_count in dma_chan_get(). The first time dma_chan_get() is called for a channel the channel client_count is incorrectly incremente...
CVE-2013-10068
Foxit Reader versions through 5.4.5.0114, including the bundled Foxit Reader Plugin 2.2.1.530, contain a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer,...
Arbitrary Code Execution
skops is vulnerable to Arbitrary Code Execution. The vulnerability is due to exploitation of the MethodNode class, which allows unexpected attribute access via dot notation during model loading...
CVE-2025-51726
CyberGhostVPNSetup.exe Windows installer is signed using the weak cryptographic hash algorithm SHA-1, which is vulnerable to collision attacks. This allows a malicious actor to craft a fake installer with a forged SHA-1 certificate that may still be accepted by Windows signature verification...
[SECURITY] Fedora 42 Update: gdk-pixbuf2-2.42.12-12.fc42
gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter...
CVE-2025-31276
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Remote content may be loaded even when the 'Load Remote Images' setting is turned off...
Unspecified Vulnerability in Apple iOS/iPadOS (CNVD-2025-17891)
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for the iPad tablet computer. Apple iOS and Apple iPadOS contain a security vulnerability that originates from improper state management and...
firefox: thunderbird: XSLT documents could bypass CSP
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...
The vulnerability of the resize() and text() methods of the ImageMagick framework, which are used for developing web systems and CodeIgniter applications, allows attackers to load arbitrary files.
The vulnerability of the resize and text methods of the ImageMagick framework used for developing web systems and CodeIgniter applications relates to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote...
Apple iOS and Apple iPadOS security vulnerability
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for the iPad tablet computer. Apple iOS and Apple iPadOS contain a security vulnerability that originates from improper state management and...
PT-2025-31277 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.6; iPadOS versions prior to 17.7.9; iPadOS versions prior to 18.6. Description: The issue was addressed through improved state management. Remote content may be loaded even when the 'Load Remote Images' setting is turned...
CVE-2025-6241
LsiAgent.exe, a component of SysTrack from Lakeside Software, attempts to load several DLL files which are not present in the default installation. If a user-writable directory is present in the SYSTEM PATH environment variable, the user can write a malicious DLL to that directory with arbitrary...
Malicious code in dva-loading-show-rce (npm)
The package communicates with a domain associated with malicious activity. Source: ossf-package-analysis 2779c32d64a46ff3b8b9de62cd9161c7b6e0071c4a3103b2a37e949f374467a0 The OpenSSF Package Analysis project identified 'dva-loading-show-rce...