CVE-2025-13524

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another user after they close their call window. This issue occurs under certain conditions, which require...

MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability

Unity announced a security vulnerability CVE-2025-59489 that is affecting games or applications built with the Unity Gaming Engine Editor version 2017.1 or later. You may be using a Microsoft app or playing a Microsoft game that should be uninstalled until an update is available. We are working t...

Malicious code in Chronos.Platform.Linux.API (NuGet)

--- -= Per source details. Do not edit below this line.=-...

libxslt:xpath: Heap-buffer-overflow in xsltFormatNumberConversion

Project: https://gitlab.gnome.org/GNOME/libxslt.git Detailed Report: https://oss-fuzz.com/testcase?key=5656808252768256 Project: libxslt Fuzzing Engine: afl Fuzz Target: xpath Job Type: aflasanlibxslt Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x60300000131f Crash...

radare2/ia_fuzz: Heap-buffer-overflow in load

Project: https://github.com/radare/radare2.git Detailed report: https://oss-fuzz.com/testcase?key=5749546694475776 Project: radare2 Fuzzer: libFuzzerradare2iafuzz Fuzz target binary: iafuzz Job Type: libfuzzerasanradare2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash Address:...

openthread/ip6-send-fuzzer: Crash in ot::Coap::CoapBase::RemoveResource

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5754140431482880 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type: UNKNOWN RE...

gdal/envi_fuzzer: Heap-buffer-overflow in ENVIDataset::ReadHeader

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5710112736935936 Project: gdal Fuzzer: libFuzzergdalenvifuzzer Fuzz target binary: envifuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

chakra: Stack-buffer-overflow in Output::PrintBuffer

Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5319633180557312 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address: 0x7efd1fdab820 Crash State: Output::PrintBuffer...

chakra: Crash in Js::JavascriptObject::CreateKeysHelper

Detailed report: https://oss-fuzz.com/testcase?key=5612339362529280 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x007fe19e6e44 Crash State: Js::JavascriptObject::CreateKeysHelper Js::JavascriptOperators::GetOwnPropertyNames...

pcre2: Heap-buffer-overflow in _pcre2_auto_possessify_8

Project: svn://vcs.exim.org/pcre2/code/trunk Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4892227272704000 Target: pcre2 Fuzzer: libFuzzerpcre2fuzzer Fuzzer binary: pcre2fuzzer Job Type: libfuzzerasanpcre2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash...

libarchive: Heap-buffer-overflow in uudecode_bidder_bid

Project: https://github.com/libarchive/libarchive.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6574689241530368 Target: libarchive Fuzzer: libFuzzerlibarchivefuzzer Fuzzer binary: libarchivefuzzer Job Type: libfuzzerasanlibarchive Platform Id: linux Crash Type:...

Heap-buffer-overflow in _Inner_InternalSpecialSymbol

Project: https://github.com/chewing/libchewing.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6203601458298880 Fuzzer: libFuzzerchewingfuzzer Job Type: libfuzzerasanlibchewing Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address: 0x7f1300d44fb0 Crash...

Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution', 'Description' = %q This module exploits a remo...

flash-plugin: multiple code execution issues fixed in APSB15-32

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

flash-plugin: information disclosure issues fixed in APSB15-16

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy v...

linux/x86 append "/etc/passwd" & exit() 107 bytes

No description provided by source. / appendpasswd.c Payload: Adds the string: toor::0:0:t00r:/root:/bin/bash to /etc/passwd thereby adding a password-less root account with login name toor Platform: linux/x86 Size: 107 bytes Author: $andman / / 08049054 start: 8049054: eb 38 jmp 804908e callfunc...

rPSA-2008-0118-1 bzip2

rPath Security Advisory: 2008-0118-1 Published: 2008-03-21 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Minor Exposure Level Classification: Indirect Deterministic Denial of Service Updated Versions: bzip2=conary.rpath.com@rpl:1/1.0.4-1.1-1 rPath Issue Tracking System:...

lrcf-inject.txt

-=--------------------ADVISORY-------------------=- Link Request Contact Form v3.4 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Link Request Contact Form -=+ Version: 3.4 -=+ Vendor's URL:...

guardadv.db4web.txt

Guardeonic Solutions AG www.guardeonic.com Security Advisory 01-2002 Advisory Name: DB4Web R File Disclosure Release Date: 09/17/02 Affected Product: DB4Web R Application Server Platform: Linux, nix, MS Windows Version: Unknown Severity: A DB4Web component allows files on the server to be...