12 matches found
Astra Linux – Vulnerability in libraw
In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...
EUVD-2024-53340
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-48425
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using...
AZL-65208 CVE-2025-7067 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FSsinfoserializenodecb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed ...
DEBIAN-CVE-2025-6270
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FSsectfindnode of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
CVE-2024-56692
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node blkaddr in truncatenode syzbot reports a f2fs bug as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2534! RIP: 0010:f2fsinvalidateblocks+0x35f/0x370...
UBUNTU-CVE-2024-48425
A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a...
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
...
CVE-2023-23007
An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added...
PT-2020-6802 · Libraw +3 · Libraw +3
Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to an out-of-bounds write vulnerability within the new node function in the LibRaw library, which can be triggered via a crafted X3F file. This vulnerability may allow a...
SolarWinds Network Performance Monitor Cross-Site Scripting Vulnerability
SolarWinds Network Performance Monitor NPM is a network performance monitor from SolarWinds, Inc. that provides monitoring and reporting, tracking of up/down status, real-time analytics, and network performance statistics for routers, virtualized environments, and other devices. A cross-site...
CVE-2017-9537
Persistent cross-site scripting XSS in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to introduce arbitrary JavaScript into various vulnerable parameters...