PT-2025-39748

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.45 Description A flaw exists in GNU Binutils 2.45 within the dump dwarf section function located in the binutils/objdump.c file. Manipulation of the software can lead to an out-of-bounds read. This issue is exploitable...

CVE-2025-10096

A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing manipulation of the argument filePath can lead to server-side request forgery. The attack can be executed remotely. The exploit has been...

CVE-2025-9747

A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrfprotectioncontroller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may ...

CVE-2025-9747

A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrfprotectioncontroller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may ...

CVE-2025-9747

Koillection vulnerability CVE-2025-9747 affects versions up to 1.6.18 due to an unknown function in assets/controllers/csrf_protection_controller.js, enabling cross-site request forgery. The issue can be exploited remotely, and the exploit has been disclosed publicly. A fix is available in versio...

CVE-2025-9394

A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host...

CVE-2025-9165

A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...

CVE-2025-8975

A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public a...

AZL-67259 CVE-2024-13978 affecting package libtiff for versions less than 4.6.0-9

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2preadtiffinit of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally...

DEBIAN-CVE-2024-13978

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2preadtiffinit of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally...

UBUNTU-CVE-2025-6375

A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has bee...

AZL-60500 CVE-2025-3730 affecting package pytorch for versions less than 2.2.2-6

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

CVE-2018-25085

A vulnerability classified as problematic was found in Responsive Menus 7.x-1.x-dev on Drupal. Affected by this vulnerability is the function responsivemenusadminformsubmit of the file responsivemenus.module of the component Configuration Setting Handler. The manipulation leads to cross site...

CVE-2021-4264

A vulnerability was found in LinkedIn dustjs up to 2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. The attack may be launched remotely. The...