CVE-2025-43964 – LibRaw Unvalidated Memory Access Vulnerability

April 20, 2025

CVE ID : CVE-2025-43964

Published : April 21, 2025, 12:15 a.m. | 2 hours ago

Description : In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values.

Severity: 2.9 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43966 – Libheif NULL Pointer Dereference Vulnerability

Next Article CVE-2025-43962 – LibRaw Out-of-Bounds Read Vulnerability

Highlights

CVE-2024-10306 – Apache mod_proxy_cluster Unauthorized Access Vulnerability

April 23, 2025

CVE ID : CVE-2024-10306

Published : April 23, 2025, 10:15 a.m. | 4 hours, 43 minutes ago

Description : A vulnerability was found in mod_proxy_cluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might send MCMP requests that may result in adding/removing/updating nodes for the balancing. However, this host should not be accessible to the public network as it does not serve the general traffic.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

AI-enabled software development: Risk of skill erosion or catalyst for growth?

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Power bank slapped with a recall? Stop using it now – here’s why

I recommend these budget earbuds over pricier Bose and Sony models – here’s why

Microsoft’s big AI update for Windows 11 is here – what’s new

Slow internet speed on Linux? This 30-second fix makes all the difference

Singleton and Scoped Container Attributes in Laravel 12.21

Singleton and Scoped Container Attributes in Laravel 12.21

wulfheart/laravel-actions-ide-helper

lanos/laravel-cashier-stripe-connect

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

Sam Altman is “terrified” of voice ID fraudsters embracing AI — and threats of US bioweapon attacks keep him up at night

NVIDIA boasts a staggering $111 million in market value per employee — since it became the world’s first $4 trillion company

CVE-2025-43964 – LibRaw Unvalidated Memory Access Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

CVE-2025-54441 – Samsung Electronics MagicINFO 9 Server Unrestricted File Upload Code Injection Vulnerability

New UX/UI Tools I’m Loving! – Microsoft UX Certificate, Figma Updates, OpenAI Academy & More!

CVE-2025-38155 – “Qualcomm Atheros mt76 Wireless Null Pointer Dereference Vulnerability”

Windows UWP Map Control and Maps platform API will be deprecated

CVE-2024-10306 – Apache mod_proxy_cluster Unauthorized Access Vulnerability

Step-by-Step Diffusion: An Elementary Tutorial

CVE-2025-48269 – WPAdverts Cross-Site Scripting (XSS)

My favorite portable charger for travel has a handy feature missing from competitors

CVE-2025-43964 – LibRaw Unvalidated Memory Access Vulnerability

Related Posts