OESA-2026-2025 openjpeg2 security update

OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, a still-image compression standard from the Joint Photographic Experts Group JPEG. Since April 2015, it is officially recognized by ISO/IEC and ITU-T as a JPEG 2000...

PT-2025-34566 · Vim +1 · Vim +1

Name of the Vulnerable Software and Affected Versions: vim versions prior to 9.1.1616 Description: A security flaw exists in vim due to a buffer overflow in the main function of the xxd.c file within the xxd component. The vulnerability is locally exploitable. An exploit for this issue has been...

AZL-64323 CVE-2025-6497 affecting package tidy 5.8.0-6

A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public an...

UBUNTU-CVE-2025-2925

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MMrealloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to th...

PT-2025-32539 · Unknown +1 · Nasm Netwide Assembler +1

Name of the Vulnerable Software and Affected Versions: NASM Netwide Assembler version 2.17rc0 Description: A stack-based buffer overflow issue was identified in the assemble file function within the nasm.c file. The issue can be exploited on the local host. The exploit has been publicly disclosed...

Improper access control

A vulnerability was found in KylinSoft hedron-domain-hook up to 3.8.0.12-0k0.5. It has been declared as critical. This vulnerability affects the function initkcm of the component DBus Handler. The manipulation leads to improper access controls. Attacking locally is a requirement. The exploit has...

CVE-2023-1448

A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gfm2tsprocesssdt of the file mediatools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...

CVE-2022-37939

A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 servers. The vulnerability could be locally exploited to allow disclosure of information. HPE has made the following software to resolve the vulnerability in HPE Superdome Flex Servers v3.65.8 and...

CVE-2018-18440

DENX U-Boot through 2018.09-rc1 has a locally exploitable buffer overflow via a crafted kernel image because filesystem loading is mishandled...

Quest KACE System Management Appliance Multiple Vulnerabilities

Advisory ID Internal CORE-2018-0004 1. Advisory Information Title: Quest KACE System Management Appliance Multiple Vulnerabilities Advisory ID: CORE-2018-0004 Advisory URL:https://www.coresecurity.com/core-labs/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities Date...

TP-Link EAP Controller Multiple Vulnerabilities

1. Advisory Information Title: TP-Link EAP Controller Multiple Vulnerabilities Advisory ID: CORE-2018-0001 Advisory URL:http://www.coresecurity.com/core-labs/advisories/tp-link-eap-controller-multiple-vulnerabilities Date published: 2018-05-03 Date of last update: 2018-05-03 Vendors contacted:...

SAP Adaptive Server Enterprise 16 - Denial of Service

''' Application: SAP Adaptive Server Enterprise Versions Affected: SAP Adaptive Server Enterprise 16 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 01.02.2016 Reported: 02.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2330839 Author...

SAP NetWeaver KERNEL 7.5 Buffer Overflow

Application: SAP NetWeaver KERNEL Versions Affected: SAP NetWeaver KERNEL 7.0-7.5 Vendor URL: http://SAP.com Bugs: Denial of Service Sent: 09.03.2016 Reported: 10.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 12.07.2016 Reference: SAP Security Note 2295238 Author: Dmitry Yudin...

KLA10812 Privilege escalation vulnerabilities in Lenovo Solution Center

Multiple serious vulnerabilities have been found in Lenovo Solution Center. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities 1. An unknown vulnerability at SystemService can be exploited locally to terminate arbitrary process via...

Mandriva Linux Mandrake 7.0 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1265/info The linux cdrecorder binary is vulnerable to a locally exploitable buffer overflow attack. When installed in a Mandrake 7.0 linux distribution, it is by default setgid cdburner which is a group, gid: 80, that is...

IcoFX 2.5.0.0 Buffer Overflow

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ IcoFX Buffer Overflow Vulnerability 1. Advisory Information Title: IcoFX Buffer Overflow Vulnerability Advisory ID: CORE-2013-1107 Advisory URL: http://www.coresecurity.com/advisories/icofx-buffer-overflow-vulnerability Date...

SimpleRisk 20130915-01 - Multiple Vulnerabilities

Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-A3 Impact: Full Account Compromise...

SimpleRisk 20130915-01 - Multiple Vulnerabilities

SimpleRisk 20130915-01 - Multiple Vulnerabilities 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS...

Vivotek IP Camera Buffer Overflow / Disclosure / Injection

Core Security - Corelabs Advisory http://corelabs.coresecurity.com Vivotek IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: Vivotek IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0301 Advisory URL:...

Apple OS X Sandbox Predefined Profiles Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Apple OS X Sandbox Predefined Profiles Bypass 1. Advisory Information Title: Apple OS X Sandbox Predefined Profiles Bypass Advisory ID: CORE-2011-0919 Advisory URL:...