CVE-2025-43964 – LibRaw Unvalidated Memory Access Vulnerability

April 20, 2025

CVE ID : CVE-2025-43964

Published : April 21, 2025, 12:15 a.m. | 2 hours ago

Description : In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.

Severity: 2.9 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43966 – Libheif NULL Pointer Dereference Vulnerability

Next Article CVE-2025-43962 – LibRaw Out-of-Bounds Read Vulnerability

Highlights

CVE-2025-6266 – FLIR AX8 Unrestricted File Upload Vulnerability

June 19, 2025

CVE ID : CVE-2025-6266

Published : June 19, 2025, 12:15 p.m. | 29 minutes ago

Description : A vulnerability was found in FLIR AX8 up to 1.46. It has been declared as critical. This vulnerability affects unknown code of the file /upload.php. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

EcoFlow’s new portable battery stations are lighter and more powerful (DC plug included)

7 ways Linux can save you money

My favorite Kindle tablet just got a kids model, and it makes so much sense

You can turn your Google Photos into video clips now – here’s how

Blade Service Injection: Direct Service Access in Laravel Templates

Blade Service Injection: Direct Service Access in Laravel Templates

This Week in Laravel: NativePHP Mobile and AI Guidelines from Spatie

Retrieve the Currently Executing Closure in PHP 8.5

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

How to Open Control Panel in Windows 11

How to Shut Down Windows 11

CVE-2025-43964 – LibRaw Unvalidated Memory Access Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

7 Best Free and Open Source Console Web Browsers

Alibaba Qwen Team Just Released Qwen3: The Latest Generation of Large Language Models in Qwen Series, Offering a Comprehensive Suite of Dense and Mixture-of-Experts (MoE) Models

CVE-2024-53019 – Cisco RTP Information Disclosure Vulnerability

CVE-2025-48700 – Zimbra Collaboration Cross-Site Scripting (XSS) Vulnerability

CVE-2025-6266 – FLIR AX8 Unrestricted File Upload Vulnerability

Pope Francis Never Let The Light of Hope Go Out Shirt

CVE-2025-4324 – MRCMS Cross Site Scripting Vulnerability

Can AI Site Builders Make WordPress Easier?

CVE-2025-43964 – LibRaw Unvalidated Memory Access Vulnerability

Related Posts