65 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: tpm2-sessions: Fixed an out-of-range indexing issue in namesize. namesize does not have any range checks; it simply indexes using TPMALGID, which could lead to memory corruption in extreme cases. The issue is addressed by only...
CVE-2025-71319
A flaw was found in image-size. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted JXL, HEIF, or JP2 image files that contain zero-sized boxes. The findBox function, responsible for image validation, enters an infinite loop when processing...
Linux Distros Unpatched Vulnerability : CVE-2025-71319
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a...
CVE-2025-71330
image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attackers can craft an ICNS buffer containing valid magic bytes and a zero-valued entry length field to...
CVE-2025-71329
The CVE-2025-71329 vulnerability affects image-size up to version 2.0.2 and is triggered by a crafted image buffer containing a zero-valued size field in a recognized box-type, causing an infinite loop in the JXL or HEIF parsers and permanently blocking the Node.js event loop (DoS). Impact is den...
CVE-2025-71330 image-size 2.0.2 Denial of Service via Malformed ICNS Image Parsing
image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted ICNS image buffer. Attackers can craft an ICNS buffer containing valid magic bytes and a zero-valued entry length field to...
image-size 资源管理错误漏洞
image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size 2.0.2 and earlier have security vulnerabilities. These vulnerabilities stem from infinite loops within the ICNS parser, which could allow remote attackers to permanently block the Node.js event...
image-size 资源管理错误漏洞
image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size 2.0.2 and earlier have security vulnerabilities. These vulnerabilities stem from infinite loops within the JXL or HEIF image parser, which could allow remote attackers to permanently block the...
CVE-2025-71319 image-size 2.0.2 Denial of Service via Infinite Loop in JXL/HEIF Parser
image-size through 2.0.2 contains a denial of service vulnerability that allows remote attackers to permanently block the Node.js event loop by supplying a specially crafted image buffer with a zero-valued size field in a recognized box-type. Attackers can trigger an infinite loop in the JXL or...
image-size 资源管理错误漏洞
image-size is a lightweight image size retrieval tool developed by image-size. Versions of image-size from 1.1.0 to 1.2.1 and from 2.0.0 to 2.0.2 contained security vulnerabilities. These vulnerabilities stemmed from the findBox function, which had a denial-of-service vulnerability when processin...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server could crash the FreeRDP client by sending invalid huge allocation sizes. Version 3.5.1 includes a patch for this issue. There are no known workaround solutions available...
samtools 代码问题漏洞
Samtools is a set of open-source tools for processing high-throughput sequencing data. Versions of Samtools prior to 1.23.1, 1.22.2, and 1.21.1 have code vulnerabilities. These vulnerabilities stem from a lack of error checking in the cram-size command, which may lead to null pointer dereferencin...
CVE-2021-22391
There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset...
EUVD-2021-27242
Malware in sbrugna...
EUVD-2021-27238
Malware in sbrugna...
EUVD-2024-28326
Malicious code in bioql PyPI...
EUVD-2021-27701
Malicious code in bioql PyPI...
EUVD-2022-30013
Malicious code in bioql PyPI...
EUVD-2024-34384
Malicious code in bioql PyPI...
EUVD-2025-21163
Malicious code in bioql PyPI...