CVE-2025-66047

Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 131...

net.codinux.invoicing:e-invoice (>=0.5.0 <=0.5.2), net.codinux.invoicing:e-invoice-domain-android (>=0.6.0 <=0.8.0) +2 more potentially affected by CVE-2025-66372 via org.mustangproject:library (>=2.0.0 <=2.16.2)

org.mustangproject:library MAVEN version =2.0.0, =0.5.0, =0.6.0, =0.6.0, =2.0.0, =2.16.2 Source cves: CVE-2025-66372 Source advisory: OSV:GHSA-X832-FPVJ-R5PH...

MAL-2025-16265 Malicious code in buffalo-asteroid-ptp801-project (npm)

The package buffalo-asteroid-ptp801-project was found to contain malicious code...

MAL-2025-28994 Malicious code in pearl-zeby4-iywcm-prism-project (npm)

The package pearl-zeby4-iywcm-prism-project was found to contain malicious code...

MAL-2025-19958 Malicious code in everglow-quasar-rim009-project (npm)

The package everglow-quasar-rim009-project was found to contain malicious code...

MAL-2025-21955 Malicious code in grove-dove-hjg826-project (npm)

The package grove-dove-hjg826-project was found to contain malicious code...

MAL-2025-15947 Malicious code in bonfire-hill-fjz601-project (npm)

The package bonfire-hill-fjz601-project was found to contain malicious code...

MAL-2025-19075 Malicious code in eagle-reef-nbj731-project (npm)

The package eagle-reef-nbj731-project was found to contain malicious code...

MAL-2025-29292 Malicious code in pinnacle-tuysy-cws9u-haven-project (npm)

The package pinnacle-tuysy-cws9u-haven-project was found to contain malicious code...

MAL-2025-22238 Malicious code in harp-8uplv-sqsxc-harmony-project (npm)

The package harp-8uplv-sqsxc-harmony-project was found to contain malicious code...

MAL-2025-20139 Malicious code in fable-unison-egl659-project (npm)

The package fable-unison-egl659-project was found to contain malicious code...

CVE-2024-47159

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project...

CVE-2021-21849

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “tfra” FOURCC code due to unchecked...

DEBIAN-CVE-2021-21836

An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input using the “ctts” FOURCC code can cause an integer overflow due to unchecked arithmetic resulting in a heap-based...

DEBIAN-CVE-2021-21839

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that...

UBUNTU-CVE-2020-26407

A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project...

GNU C Library Code Problem Vulnerability

The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. A code issue vulnerability exists in the nscd daemon in versions of the GNU C Library prior to 2.5, which arises from an improperly designed or implemented code development process for a networked...

GNU LibreDWG 'dwg_free_eed' function double release vulnerability

GNU LibreDWG is a C language library developed by the GNU Project for working with DWG files. A security vulnerability exists in the 'dwgfreeeed' function of the free.c file in GNU LibreDWG version 0.5.1048, which stems from the program's failure to properly manage the obj-eed value after a relea...

DEBIAN-CVE-2017-15671

The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak...

Libgcrypt Information Disclosure Vulnerability (CNVD-2017-21505)

Libgcrypt is a general-purpose cryptographic library developed by the GNU Project based on the GnuPG code. The library implements a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, public key algorithms, and more. An information disclosure vulnerability exists...