CVE-2025-21052

Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...

CVE-2025-21052

Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...

EUVD-2025-33681

Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory...

CVE-2025-21051

Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory...

CVE-2025-21051

Vulnerability: CVE-2025-21051. Affected component: libpadm.so (JPEG decoding pre-processing) in Samsung mobile software prior to SMR Oct-2025 Release 1. Root cause / description: Out-of-bounds write during JPEG decoding pre-processing, enabling a local attacker to write outside allocated memory. ...

PT-2025-41512

Name of the Vulnerable Software and Affected Versions libpadm.so versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds write issue exists in the JPEG decoding pre-processing within libpadm.so. This allows a local attacker to write to memory outside of allocated boundaries. The iss...

PT-2025-41513

Name of the Vulnerable Software and Affected Versions libpadm.so versions prior to SMR Oct-2025 Release 1 Description An out-of-bounds write issue exists during the pre-processing of JPEG decoding. This can lead to memory corruption for local attackers. The issue is present in libpadm.so prior to...

GHSA-26JH-R8G2-6FPR Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list

Impact What kind of vulnerability is it? Who is impacted? This vulnerability is a data validation issue in the Gradio Dropdown component's pre-processing step. Even if the allowcustomvalue parameter is set to False, attackers can bypass this restriction by sending custom requests with arbitrary...

Gradio's dropdown component pre-process step does not limit the values to those in the dropdown list

Impact What kind of vulnerability is it? Who is impacted? This vulnerability is a data validation issue in the Gradio Dropdown component's pre-processing step. Even if the allowcustomvalue parameter is set to False, attackers can bypass this restriction by sending custom requests with arbitrary...

PT-2024-40012 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: Gradio versions prior to 5.0 Description: This issue is a data validation problem in the Gradio Dropdown component's pre-processing step. It allows attackers to bypass input constraints by sending custom requests with arbitrary values, even...

[SECURITY] [DLA 3538-1] zabbix security update

Debian LTS Advisory DLA-3538-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost August 22, 2023 https://wiki.debian.org/LTS Package : zabbix Version : 1:4.0.4+dfsg-1+deb10u2 CVE ID : CVE-2013-7484 CVE-2019-17382 CVE-2022-35229 CVE-2022-43515 CVE-2023-29450...

SUSE CVE-2023-29450

JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

DEBIAN-CVE-2023-29450

JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

CVE-2023-29450

JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

Design/Logic Flaw

JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...

CVE-2023-29450

CVE-2023-29450 is a Zabbix vulnerability where JavaScript pre-processing can be used to gain read-only filesystem access on the Zabbix Server/Proxy on behalf of user “zabbix,” enabling potential exposure of sensitive data. Publicly documented variants in connected advisories (e.g., Debian DLA/DLA...

[SECURITY] Fedora 37 Update: tcpreplay-4.4.3-3.fc37

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information...

Experts Find a Way to Learn What You're Typing During Video Calls

A new attack framework aims to infer keystrokes typed by a target user at the opposite end of a video conference call by simply leveraging the video feed to correlate observable body movements to the text being typed. The research was undertaken by Mohd Sabra, and Murtuza Jadliwala from the...

[SECURITY] Fedora 26 Update: tcpreplay-4.2.1-1.fc26

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information...

IBM UrbanCode Deploy Multiple Vulnerabilities

IBM UrbanCode Deploy is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ibm:urbancodedeploy"; ...