CVE-2026-33164

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

EUVD-2026-13810

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

CVE-2026-33164

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

PT-2026-26677

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in pic parameter set::set derived values. This issue has been patched in version 1.0.17...

EUVD-2025-29195

Malicious code in bioql PyPI...

CVE-2025-10447

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

CVE-2025-10447

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

CVE-2025-10447

A vulnerability was detected in Campcodes Online Job Finder System 1.0. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. It is possible to launch the attack remotely. The exploit is now publ...

CVE-2025-10447

CVE-2025-10447 affects Campcodes Online Job Finder System 1.0. The vulnerability is in an unknown function of /eris/applicationform.php where manipulating the picture parameter enables unrestricted file upload, allowing remote exploitation. Multiple sources confirm the exploit is public, with var...

Campcodes Online Job Finder System 安全漏洞

CampCodes Online Job Finder System is an online job finder system from CampCodes, Inc. A security vulnerability exists in version 1.0 of the Campcodes Online Job Finder System, which stems from an incorrect manipulation of the parameter picture in the file /eris/applicationform.php, which could...

CVE-2025-4735

A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/product.php. The manipulation of the argument Picture leads to unrestricted upload. The attack can be launched...

CampCodes Sales and Inventory System 代码问题漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. A code issue vulnerability exists in version 1.0 of the CampCodes Sales and Inventory System, which stems from improper handling of the parameter Picture in the file /pages/product.php, which could lead to...

CVE-2025-3042

A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit...

Campcodes Project Management System 代码问题漏洞

Campcodes Project Management System is a project management system from Campcodes, Inc. A code issue vulnerability exists in Campcodes Project Management System version 1.0, which stems from the parameter file in the file /forms/updateforms.php?action=changepic2&id=4 that can lead to unrestricted...

CVE-2024-10412

A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. The manipulation of the argument picture leads to cross site scripting. The attack can be launched...

SQL Injection Vulnerability in List_picture Parameter of SMiCMS Government Website System

State Micro CMS is one of the mainstream CMS systems in China, and is also the open source platform provider in the field of PHP in Southern China. State Micro CMS government website system listpicture parameter SQL injection vulnerability, the vulnerability is due to the failure of the user to...

UBUNTU-CVE-2016-3828

decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28835995...

Piwigo 'rate_picture' function SQL injection vulnerability

Piwigo is a photo album script written in PHP. Piwigo suffers from a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands by taking the picturephp rate parameter...

Directory traversal

Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. dot dot in the picture parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote attackers to inject arbitrary web script or HTML via the picture parameter...