18797 matches found
CVE-2022-50798
...
Integer Overflow or Wraparound
Overview: Magick.NET-Q16-OpenMP-x64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
CVE-2025-68950 Magick's failure to limit MVG mutual references forming a loop
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
CVE-2025-66862
A flaw was found in binutils. Processing a specially crafted PE file with cxxfilt can trigger a heap-based buffer over-read in the gnu_special function in the cplus-dem.c file, causing a crash and resulting in a denial of service. Mitigation: Mitigation for this issue is either not available or the...
Security Bulletin: Multiple Vulnerabilities in IBM Event Processing
Summary: Multiple vulnerabilities were addressed in IBM Event Processing version 1.4.5. Vulnerability Details: CVEID: CVE-2025-30218 DESCRIPTION: Next.js is a React framework for building full-stack web applications. To mitigate CVE-2025-29927, Next.js validated the x-middleware-subrequest-id which...
OESA-2025-2854 cpp-httplib security update
A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to set up. Just include the httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled...
CVE-2023-54181 bpf: Fix issue in verifying allow_ptr_leaks
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of our networking-bpf program from cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program failed to start. Because it failed the bpf verifier, a...
CVE-2022-50786 media: s5p-mfc: Clear workbit to handle error condition
In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSE_INSTANCE command, ctx_work_bits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...
CLSA-2025-1767094035 webkit2gtk3: Fix of 7 CVEs
Update to 2.50.4 to fix the following vulnerabilities: - CVE-2025-14174: fix memory corruption via improved validation of web content - CVE-2025-43501: fix buffer overflow with improved memory handling to prevent process crashes - CVE-2025-43529: fix use-after-free in memory management to prevent...
SUSE CVE-2018-25153
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak...
SUSE CVE-2018-25154
GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system...
ID withdrawn
SoX is a suite of open source audio processing tools. The product supports playing, converting and recording audio in multiple formats. A numeric error vulnerability exists in SoX version 14.4.2, which originates from a divide-by-zero error when processing a specially crafted WAV file, and may...
PT-2025-53944
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A flaw exists in the Linux kernel’s ipu3-imgu component where a NULL pointer dereference can occur in the imgu_subdev_set_selection function. This happens when v4l2_subdev_get_try_crop a...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992660)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992660 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992266)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992266 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/active: Fix misuse of non-idle barriers as fence trackers Users reported oopses on list...
PT-2025-53947
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A use-after-free issue exists in the Linux kernel’s ath9k driver related to the handling of skb socket buffer memory within the ath9k_hif_usb_reg_in_cb function. Specifically, the issue...
CVE-2025-14177
A flaw was found in PHP. The getimagesize function may leak uninitialized heap memory when processing images in multi-chunk mode, such as through php://filter. This vulnerability, caused by a bug in php_read_stream_all_chunks that overwrites the buffer without advancing the pointer, allows an attacke...
CVE-2025-15198
A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executing a manipulation of the argument User can lead to sql injection. The attack may be launched remotely. The exploit has been made available ...
CVE-2025-15178
A vulnerability was found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of the file /goform/VirtualSer of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has be...
CMSimple Cross-Site Scripting Vulnerability
CMSimple is a free content management system. CMSimple suffers from a cross-site scripting vulnerability that stems from the application not effectively filtering or neutralizing HTML Unicode encoding when processing user input. An attacker could use this vulnerability to execute arbitrary...