1070 matches found
CVE-2024-6058
A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page=SampleHistoricalList&iframename=list&crc=crc1701669816260. The manipulation of the argument height/width leads to cross site scripting. It is...
CVE-2023-24392
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...
CVE-2020-11161
Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2019-13962
lavcCopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height...
CVE-2015-10075
A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function overridecontentwidth/registersettings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotel...
CVE-2019-25220
Bitcoin Core before 24.0.1 allows remote attackers to cause a denial of service (daemon crash) via a flood of low-difficulty header chains, aka a "Chain Width Expansion" attack, because a node does not first verify that a presented chain has enough work before committing to store it...
CVE-1999-0465
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter...
Division by zero
Overview: Affected versions of this package are vulnerable to Division by zero via the startinputtga function in rdtarga.c. An attacker can cause a denial of service by sending an image with a zero width or height, resulting in a SIGFPE. Remediation: A fix was pushed into the master branch but not...
UBUNTU-CVE-2025-37740
In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount. The width in dmapctl of the AG is zero; it triggers a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...
PT-2025-15235 · Unknown · Tarteaucitron.Js
Name of the Vulnerable Software and Affected Versions: tarteaucitron.js versions prior to 1.20.1. Description: A vulnerability was identified in tarteaucitron.js where user-controlled inputs for element dimensions (width and height) were not properly validated. This allowed an attacker with direct...
UBUNTU-CVE-2025-3016
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulation of the argument...
PYSEC-2025-160
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFileQuake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...
CLSA-2025-1742379365 Fix CVE(s): CVE-2025-0840
SECURITY UPDATE: stack-based buffer overflow via manipulation of argument - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow at objdump disassemblebytes by restricting insnwidth to range 1-49 - CVE-2025-0840...
iomap: avoid avoid truncating 64-bit offset to 32 bits
...
SUSE CVE-2025-21826
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation; each field gets rounded up to 32-bits to calculate the...
DEBIAN-CVE-2025-21826
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation; each field gets rounded up to 32-bits to calculate the...
CVE-2025-21826 netfilter: nf_tables: reject mismatching sum of field_len with set key length
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation; each field gets rounded up to 32-bits to calculate the...
CVE-2025-21826
CVE-2025-21826 affects the Linux kernel nf_tables: a mismatch between field_len-derived key field lengths and the total set key length can be rejected, allowing mismatched values to slip through due to register-based arithmetic. The issue has been resolved in the Linux kernel; the provided source...
Linux Distros Unpatched Vulnerability : CVE-2021-4216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A floating point exception (division-by-zero) flaw was found in Mupdf for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1 upstream. CVE-2021-4216...
UBUNTU-CVE-2022-49659
In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...