227 matches found
EUVD-2005-0256
Malware in sbrugna...
EUVD-2019-2624
Malware in sbrugna...
(Pwn2Own) Redis Lua Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Redis. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of certain string values by the embedded Lua interpreter. The issue results from the...
EUVD-2022-55323
Malicious code in bioql PyPI...
EUVD-2022-55322
Malicious code in bioql PyPI...
EUVD-2024-53388
Malicious code in bioql PyPI...
PT-2025-38131
Name of the Vulnerable Software and Affected Versions XAPI affected versions not specified Description Multiple issues in XAPI can lead to a Denial of Service. First, while updates to the database sanitize input strings, the notification generation process uses unsanitized input, which can cause...
USN-7728-1: ImageMagick vulnerabilities
It was discovered that ImageMagick did not properly process certain format strings when interpreting image filenames. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. CVE-2025-53014 It was discovered that ImageMagick did not properly proce...
Linux Distros Unpatched Vulnerability : CVE-2024-57930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Have processstring also allow arrays In order to catch a common bug where a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect use of the strlen function, which could lead to string handling errors...
[SECURITY] Fedora 41 Update: qt6-qtbase-6.8.3-2.fc41
Qt is a software toolkit for developing applications. This package contains base tools, like string, xml, and network handling...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: - For partitions: fixed handling of bogus partition tables. Several issues in partition probing have been fixed: - The bailout mechanism for a bad partoffset must use putdevsector, since the previous readpartsector call...
CVE-2021-25831
A file extension handling issue was found in core module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21905)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21905 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from...
NETGEAR R6100 安全漏洞
The NETGEAR R61 is a wireless router from NETGEAR. The NETGEAR R61 suffers from a buffer overflow vulnerability that stems from improper handling of the QUERYSTRING key value, which can be exploited by an attacker to execute arbitrary code...
Arbitrary File Disclosure
Vite is vulnerable to Arbitrary File Disclosure. The vulnerability is due to improper handling of trailing separators in query strings and is caused by the removal of trailing separators ? without proper validation in regex checks, allows attackers to bypass file access restrictions and retrieve...
PT-2025-14539 · Crates.Io · Pyo3
PyString::from object took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exceptio...
CVE-2025-30348
encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string with relocation of later data...
OESA-2025-1308 zvbi security update
The ZVBI library provides functions to read from Linux V4L, V4L2 and FreeBSD BKTR raw VBI capture devices, from Linux DVB devices and from a VBI proxy to share V4L and V4L2 VBI devices between multiple applications. It can demodulate raw to sliced VBI data in software, with support for a wide ran...
SUSE-SU-2025:0737-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.20: - CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-encoded input strings bsc1237093...