10 matches found

Vulnrichment
added 2025/09/26 12:2 p.m., 2 views

CVE-2025-11014 OGRECave Ogre Image OgreSTBICodec.cpp encode heap-based overflow

A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...

CVSS 5.3, AI score 6.3, EPSS 0.00034
Exploits 1, References 5
Cvelist
added 2025/09/26 12:2 p.m., 8 views

CVE-2025-11014 OGRECave Ogre Image OgreSTBICodec.cpp encode heap-based overflow

A security flaw has been discovered in OGRECave Ogre up to 14.4.1. This issue affects the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp of the component Image Handler. The manipulation results in heap-based buffer overflow. The attack is only possible...

CVSS 5.3, EPSS 0.00034
Exploits 1, References 5
OSV
added 2024/03/06 11:17 a.m., 20 views

BIT-GITLAB-2021-39909

Lack of email address ownership verification in the CODEOWNERS feature in all versions of GitLab EE starting from 11.3 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 allows an attacker to bypass CODEOWNERS Merge Request approval...

CVSS 5.3, AI score 5.4, EPSS 0.00049
Exploits 0, References 4
Tenable Nessus
added 2023/09/08 12:0 a.m., 37 views

Amazon Linux 2 : sox, --advisory ALAS2-2023-2231 (ALAS-2023-2231)

The version of sox installed on the remote host is prior to 14.4.1-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2231 advisory. A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function lsx_read_w_buf in formats_i.c file. The...

CVSS 9.1, AI score 6.9, EPSS 0.00221
Exploits 5, References 20
OpenVAS
added 2022/11/24 12:0 a.m., 10 views

XWiki 3.2M2 < 13.10.7, 14.x < 14.4.1 CSRF Vulnerability (GHSA-mq7h-5574-hw9f)

XWiki is prone to a cross-site request forgery (CSRF) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...

CVSS 7.4, AI score 7.1, EPSS 0.00864
Exploits 0, References 1
OpenVAS
added 2022/06/09 12:0 a.m., 16 views

GitLab 0.8.x < 14.2.6, 14.3.x < 14.3.4, 14.4.x < 14.4.1 Code Injection Vulnerability.

GitLab is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...

CVSS 7.5, AI score 7.8, EPSS 0.0018
Exploits 0, References 1
Cvelist
added 2021/11/04 11:16 p.m., 12 views

CVE-2021-39911

An improper access control flaw in all versions of GitLab CE/EE starting from 13.9 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 exposes private email address of Issue and Merge Requests assignee to Webhook data consumers...

CVSS 1.7, AI score 5.1, EPSS 0.00219
Exploits 0, References 2
Positive Technologies
added 2021/11/04 12:0 a.m., 2 views

PT-2021-22759 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions:
GitLab CE/EE versions prior to 14.2.6
GitLab CE/EE versions 14.3 through 14.3.3
GitLab CE/EE versions 14.4 through 14.4.0
Description: The issue involves the accidental logging of the system root password in the migration log. This allows an...

CVSS 7.2, AI score 6.3, EPSS 0.0006
Exploits 0, References 10
Tenable Nessus
added 2021/03/11 12:0 a.m., 18 views

Apple iOS < 14.4.1 Vulnerability (HT212221)

Binary data appleios1441check.nbin...

CVSS 8.8, AI score 7.3, EPSS 0.014
Exploits 0, References 2
Debian
added 2019/05/28 7:24 a.m., 177 views

[SECURITY] [DLA 1808-1] sox security update

Package: sox
Version: 14.4.1-5+deb8u4
CVE ID: CVE-2019-8354 CVE-2019-8355 CVE-2019-8356 CVE-2019-8357
Debian Bug: 927906
Several issues were found in SoX, the Swiss army knife of sound processing programs, that could lead to denial of service via application crash or potentially to arbitrary...

CVSS 5.5, AI score 6.3, EPSS 0.01165
Exploits 1