3037 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-62594
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service du...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to convert nrpages to an unsigned long type, which could lead to an overflow in the PERFIDX2OFF...
UBUNTU-CVE-2025-62231
A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...
ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)
Summary A single root cause in the CLAHE implementation — tile width/height becoming zero — produces two distinct but related unsafe behaviors. Vulnerabilities exists in the CLAHEImage function of ImageMagick’s MagickCore/enhance.c. 1. Unsigned integer underflow → out-of-bounds pointer arithmetic...
EUVD-2025-36365
ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash DoS...
GHSA-WPP4-VQFQ-V4HP ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)
Summary A single root cause in the CLAHE implementation — tile width/height becoming zero — produces two distinct but related unsafe behaviors. Vulnerabilities exists in the CLAHEImage function of ImageMagick’s MagickCore/enhance.c. 1. Unsigned integer underflow → out-of-bounds pointer arithmetic...
CVE-2025-62594
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow...
UBUNTU-CVE-2025-62594
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow...
CVE-2025-62594 ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow...
CVE-2025-62594 ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow...
CVE-2025-62594 ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow...
CVE-2025-62594
CVE-2025-62594 affects ImageMagick up to version 7.1.2-7 (pre-patch). The vulnerability is due to unsigned integer underflow and a division-by-zero in CLAHEImage when tile width or height is zero, causing out-of-bounds access and a crash. The issue is fixed in 7.1.2-8. Affected platforms referenc...
CVE-2025-34500
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...
ImageMagick 数字错误漏洞
ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert, or write images in a variety of formats. A numeric error vulnerability exists in versions of ImageMagick prior to 7.1.2-8, which stems from an unsigned integer underflow and...
OSV-2025-857 Global-buffer-overflow in void jxl::N_AVX2::WriteToOutputStage::StoreUnsignedRow<unsigned char>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=454749502 Crash type: Global-buffer-overflow READ 16 Crash state: void jxl::NAVX2::WriteToOutputStage::StoreUnsignedRow jxl::NAVX2::WriteToOutputStage::OutputBuffers jxl::NAVX2::WriteToOutputStage::ProcessRow...
CVE-2025-34500
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...
CVE-2025-34500 Shuffle Master Deck Mate 2 Insecure Update Chain
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...
CVE-2025-34500 Shuffle Master Deck Mate 2 Insecure Update Chain
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit's...
Light & Wonder Deck Mate 安全漏洞
Light & Wonder Deck Mate is an automated licensing device from Light & Wonder, UK. A security vulnerability exists in Light & Wonder Deck Mate that stems from a firmware update mechanism that does not validate cryptographic signatures and uses hard-coded AES keys, which could lead to the executio...
CVE-2025-57521
Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code execution during application startup. The application loads a network plugin without validating its digital signature or verifying its authenticity. A local attacker can exploit this behavior by placing a...