32 matches found
Astra Linux – Vulnerability in libxpm
A flaw was discovered in libXpm. This issue occurs when parsing a file with a comment that is not closed properly; the “end-of-file” condition will not be detected, leading to an infinite loop and causing a Denial of Service in the application that uses the library...
CVE-2025-43380
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. Parsing a file may lead to an unexpected app termination...
CVE-2025-43380
CVE-2025-43380 describes an out-of-bounds write issue in macOS components caused by insufficient input validation. The vulnerability affects macOS Sonoma 14.8.2 (and earlier) and macOS Sequoia 15.7.2, macOS Tahoe 26.1, with parsing a file potentially leading to unexpected application termination....
CLSA-2025-1758728428 spamassassin: Fix of 2 CVEs
CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing - CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing...
CVE-2025-7497
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...
INVT VT-Designer 缓冲区错误漏洞
INVT VT-Designer is an HMI programming and configuration software from China-based INVT. A buffer error vulnerability exists in INVT VT-Designer that originates from an out-of-bounds write when parsing a PM3 file, which could lead to remote code execution...
INVT HMITool 缓冲区错误漏洞
INVT HMITool is an HMI programming and configuration software from China-based INVT. A buffer error vulnerability exists in INVT HMITool that stems from an out-of-bounds write when parsing a VPM file, which could lead to remote code execution...
CVE-2025-31239
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Parsing a file may lead to an unexpected app termination...
Ashlar-Vellum Cobalt 缓冲区错误漏洞
Ashlar-Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar-Vellum. A buffer error vulnerability exists in Ashlar-Vellum Cobalt that originates from an out-of-bounds write when parsing a VC6 file, which could lead to remote code execution...
CVE-2025-24161
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination...
CVE-2025-24112
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination...
Werkzeug possible resource exhaustion when parsing file data in forms
...
CVE-2024-44281
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a file may lead to disclosure of user information...
CVE-2024-44279
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Parsing a file may lead to disclosure of user information...
PT-2024-22037 · Apple · Itunes
Name of the Vulnerable Software and Affected Versions: iTunes versions prior to 12.13.2 Description: The issue was addressed with improved checks. Parsing a file may lead to an unexpected app termination or arbitrary code execution. Recommendations: For versions prior to 12.13.2, update to iTunes...
WithSecure Multiple Product Security Vulnerabilities
WithSecure products is a series of security software from the Finnish company WithSecure. WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and earlier. versions, WithSecure Client Security for Mac 15,...
CVE-2022-46285
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...
Race condition
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library...
Adobe Acrobat Reader DC 缓冲区错误漏洞
Adobe Acrobat Reader DC is the United States of America Odooby Adobe a Pdf reading tool. It is used to reliably view, print and annotate Pdf documents. A buffer error vulnerability exists in Adobe Acrobat Reader DC, which originates from out-of-bounds reads while parsing a file...
CVE-2021-28607
Adobe After Effects version 18.2 and earlier is affected by a heap corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue...