CVE-2025-11083

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public an...

CVE-2025-11083 GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public an...

OESA-2025-2148 cmake security update

CMake is used to control the software compilation process using simple platform and compiler independent configuration files. CMake generates native makefiles and workspaces that can be used in the compiler environment of your choice. CMake is quite sophisticated: it is possible to support comple...

CVE-2025-9800

A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file apps/sim/app/api/files/upload/route.ts of the component HTML File Parser. Executing manipulation of the argument File can lead to unrestricte...

Solaris 10 (i386): 146574-03

SunOS 5.10: SunOS 5.10x86: syslogd patch. Date this patch was last updated by Sun : Jul/14/25 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid255251; scriptversion"1.1";...

Solaris 10 (sparc): 151074-07

SunOS 5.10: SunOS 5.10: sendmail patch. Date this patch was last updated by Sun : Jul/15/24 %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include"compat.inc"; if description scriptid255255; scriptversion"1.1";...

CVE-2025-9405

CVE-2025-9405 affects Open5GS up to version 2.7.5. The vulnerability is in gmm_state_exception (src/amf/gmm-sm.c) where manipulation can trigger a reachable assertion, enabling remote exploitation. A public exploit exists and a patch is available: 8e5fed16114f2f5e40bee1b161914b592b2b7b8f. Remedia...

AZL-66683 CVE-2025-9390 affecting package vim for versions less than 9.1.1616-1

A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be...

Astra Linux – Vulnerability in binutils

A vulnerability classified as problematic was discovered in GNU Binutils 2.45. The function copysection in the file binutils/objcopy.c is affected by this vulnerability. Manipulation of this function leads to a heap-based buffer overflow. Local attacks are required to exploit this vulnerability...

SUSE CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...

CVE-2025-9020

A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handlemessageserialcontrol of the file src/modules/mavlink/mavlinkreceiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument mavlinkshell leads to use...

CVE-2025-8812

A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects an unknown part of the file /api/settings of the component Admin Panel. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-8851

A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...

AZL-66201 CVE-2025-8836 affecting package jasper for versions less than 2.0.32-5

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...

CVE-2025-8836

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...

CVE-2025-8836 JasPer JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion

A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...

UBUNTU-CVE-2025-8835

A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jasimagechclrspc of the file src/libjasper/base/jasimage.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack...

CVE-2025-8835

CVE-2025-8835 (and related CVEs 8836, 8837) affects JasPer up to version 4.2.5. The vulnerability lies in jas_image_chclrspc in src/libjasper/base/jas_image.c, causing a null pointer dereference with local attack vector. Open advisories show the same root cause across multiple distributions (SUSE...

CVE-2025-8812

CVE-2025-8812 affects atjiu pybbs

CVE-2025-8801 Open5GS AMF gmm-sm.c gmm_state_exception denial of service

A vulnerability was found in Open5GS up to 2.7.5. This affects the function gmmstateexception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...