CVE-2025-53814

A use-after-free vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .xml file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

EUVD-2025-36501

A use-after-free vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .xml file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2025-53814

CVE-2025-53814 affects GCC Productions Inc. Fade In 4.2.0. Cisco Talos details a use-after-free in Fade In's XML parser that can lead to heap-based memory corruption when processing a crafted .xml file. The TALOS-2025-2252 advisory confirms a heap corruption path via the XML parsing logic, with e...

PT-2025-44157

Name of the Vulnerable Software and Affected Versions GCC Productions Inc. Fade In version 4.2.0 Description A use-after-free issue exists in the XML parser functionality. Providing a specially crafted .xml file can lead to heap-based memory corruption. An attacker can trigger this by supplying a...

GCC Productions Inc. Fade In XML parser out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2250 GCC Productions Inc. Fade In XML parser out-of-bounds write vulnerability October 28, 2025 CVE Number CVE-2025-53855 SUMMARY An out-of-bounds write vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially...

GCC Productions Inc. Fade In XML parser use-after-free vulnerability

Talos Vulnerability Report TALOS-2025-2252 GCC Productions Inc. Fade In XML parser use-after-free vulnerability October 28, 2025 CVE Number CVE-2025-53814 SUMMARY A use-after-free vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .xml...

Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2025-1242)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1242 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...

Medium: java-25-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 a...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Oracle GraalVM for JDK: 17.0.16 a...

OESA-2025-2456 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat in Expat before version 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document...

EUVD-2021-24893

Malware in sbrugna...

EUVD-2021-24895

Malware in sbrugna...

EUVD-2020-24581

Malware in sbrugna...

EUVD-2017-17276

Malware in sbrugna...

EUVD-2013-1180

Malware in sbrugna...

EUVD-2017-8300

Malware in sbrugna...

EUVD-2017-4173

Malware in sbrugna...

EUVD-2021-1267

Malware in sbrugna...

EUVD-2017-15384

Malware in sbrugna...

EUVD-2013-1237

Malware in sbrugna...