Lucene search
20086 matches found

Source: CVE
Added: 2025/11/10 9:29 p.m.

CVE-2025-64183

OpenEXR vulnerability CVE-2025-64183 affects the Python exposure PyOpenEXR_old.cpp: a use-after-free in PyObject_StealAttrString when retrieving attributes via PyObject_GetAttrString, returning a dangling PyObject*. This can be triggered in various reads (e.g., PixelType.v, Box2i, V2f) and is exp...

CVSS 7.5 | AI score 6.4 | EPSS 0.00072
Exploits 1 | References 2 | Affected Software 1

Source: Cvelist
Added: 2025/11/10 9:29 p.m.

CVE-2025-64183 OpenEXR has use after free in PyObject_StealAttrString

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString of PyOpenEXR_old.cpp...

CVSS 6.9 | EPSS 0.00072
Exploits 1 | References 2

Source: OSV
Added: 2025/11/10 12:03 a.m.

OSV-2025-890 Heap-buffer-overflow in icalmemory_tmp_copy

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=458943970 Crash type: Heap-buffer-overflow WRITE 1 Crash state: icalmemory_tmp_copy icalreqstattype_from_string icalvalue_new_from_string...

AI score 6.9
Exploits 0 | References 1

Source: RedhatCVE
Added: 2025/11/08 10:57 p.m.

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

CVSS 5.3 | AI score 6.9 | EPSS 0.00023
Exploits 0 | References 7

Source: Snyk
Added: 2025/11/07 11:46 p.m.

Improper Neutralization

Overview: chrome-devtools-frontend is a Chrome DevTools UI. Affected versions of this package are vulnerable to Improper Neutralization due to insufficient sanitization of special whitespace characters in the escapeStringWin function. An attacker can execute arbitrary code by crafting malicious inp...

CVSS 8.8 | AI score 7.6 | EPSS 0.00162
Exploits 3 | References 2

Source: EUVD
Added: 2025/11/07 6:30 p.m.

EUVD-2025-38290

In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management function under the system management module, it is possible to execute any Java class with a parameterless constructor and its methods with parameter type String through reflection. At this time, th...

CVSS 9.1 | AI score 7.8 | EPSS 0.01928
Exploits 1 | References 3

Source: RedhatCVE
Added: 2025/11/07 1:46 p.m.

CVE-2025-59392

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...

CVSS 6.8 | AI score 6.7 | EPSS 0.00029
Exploits 0 | References 1

Source: NVD
Added: 2025/11/06 4:16 p.m.

CVE-2025-59392

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...

CVSS 6.8 | EPSS 0.00029
Exploits 0 | References 2

Source: OSV
Added: 2025/11/06 4:16 p.m.

CVE-2025-59392

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...

CVSS 6.8 | AI score 5.8
Exploits 0 | References 2

Source: OSV
Added: 2025/11/06 12:58 p.m.

BIT-GOLANG-2025-61725 Excessive CPU consumption in ParseAddress in net/mail

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

CVSS 7.5 | AI score 8.5 | EPSS 0.00044
Exploits 0 | References 6

Source: RedHat Linux
Added: 2025/11/06 2:27 a.m.

rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters

An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, ...

CVSS 7.5 | AI score 6.9 | EPSS 0.0014
Exploits 0 | References 6

Source: CNNVD
Added: 2025/11/06 12:00 a.m.

Netcad Netigma cross-site scripting vulnerability

Netcad Netigma is an enterprise-level GIS and business application development platform from Netcad Turkey. A cross-site scripting vulnerability exists in Netcad Netigma 28102025 and prior versions, which stems from improperly neutralized HTTP query string inputs and could lead to cross-site...

CVSS 6.1 | AI score 6 | EPSS 0.00026
Exploits 0 | References 1

Source: Cvelist
Added: 2025/11/06 12:00 a.m.

CVE-2025-59392

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...

EPSS 0.00029
Exploits 0 | References 2

Source: Tenable Nessus
Added: 2025/11/06 12:00 a.m.

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990461)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990461 advisory. In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow. The dev->id value comes from ida_alloc() so it's a...

CVSS 7.8 | AI score 6 | EPSS 0.00025
Exploits 0 | References 4

Source: Vulnrichment
Added: 2025/11/06 12:00 a.m.

CVE-2025-59392

On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...

AI score 6.3 | EPSS 0.00029
Exploits 0 | References 2

Source: RedHat Linux
Added: 2025/11/05 11:49 p.m.

rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters

An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, ...

CVSS 7.5 | AI score 6.9 | EPSS 0.0014
Exploits 0 | References 6

Source: OSV
Added: 2025/11/05 7:15 p.m.

CVE-2025-31954

HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see...

CVSS 4.3 | AI score 5.8 | EPSS 0.00042
Exploits 0 | References 1

Source: EUVD
Added: 2025/11/05 6:23 p.m.

EUVD-2025-37917

HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see...

CVSS 5.4 | AI score 6.1 | EPSS 0.00042
Exploits 0 | References 2

Source: CVE
Added: 2025/11/05 6:23 p.m.

CVE-2025-31954

CVE-2025-31954 affects HCL iAutomate in versions 6.5.1 and 6.5.2. The root cause is using HTTP GET to process requests with sensitive information in the query string, enabling potential disclosure of limited information to an unintended party. Impact is information disclosure; no exploitation det...

CVSS 5.4 | AI score 6.2 | EPSS 0.00042
Exploits 0 | References 1 | Affected Software 1

Source: Cvelist
Added: 2025/11/05 6:23 p.m.

CVE-2025-31954 HCL iAutomate is susceptible to a sensitive information disclosure

HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see...

CVSS 5.4 | EPSS 0.00042
Exploits 0 | References 1