Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-53367

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-03 Jul, 2025 | 21:07
Updated At-04 Nov, 2025 | 21:11
Rejected At-
Credits

DjVuLibre OOB-Write Vulnerability in MMRDecoder

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:03 Jul, 2025 | 21:07
Updated At:04 Nov, 2025 | 21:11
Rejected At:
▼CVE Numbering Authority (CNA)
DjVuLibre OOB-Write Vulnerability in MMRDecoder

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29.

Affected Products
Vendor
DjvuNet
Product
DjVuLibre
Versions
Affected
  • < 3.5.29
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787: Out-of-bounds Write
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-787
Description: CWE-787: Out-of-bounds Write
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
4.08.4HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://securitylab.github.com/advisories/GHSL-2025-055_DjVuLibre/
x_refsource_CONFIRM
https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre
x_refsource_MISC
https://github.com/github/securitylab/tree/main/SecurityExploits/DjVuLibre/MMRDecoder_scanruns_CVE-2025-53367
x_refsource_MISC
https://sourceforge.net/p/djvu/djvulibre-git/ci/33f645196593d70bd5e37f55b63886c31c82c3da
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2025/07/03/1
x_refsource_MISC
Hyperlink: https://securitylab.github.com/advisories/GHSL-2025-055_DjVuLibre/
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre
Resource:
x_refsource_MISC
Hyperlink: https://github.com/github/securitylab/tree/main/SecurityExploits/DjVuLibre/MMRDecoder_scanruns_CVE-2025-53367
Resource:
x_refsource_MISC
Hyperlink: https://sourceforge.net/p/djvu/djvulibre-git/ci/33f645196593d70bd5e37f55b63886c31c82c3da
Resource:
x_refsource_MISC
Hyperlink: https://www.openwall.com/lists/oss-security/2025/07/03/1
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre/
exploit
Hyperlink: https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre/
Resource:
exploit
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html
N/A
http://www.openwall.com/lists/oss-security/2025/07/03/1
N/A
http://www.openwall.com/lists/oss-security/2025/07/18/3
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/07/03/1
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/07/18/3
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:03 Jul, 2025 | 21:15
Updated At:04 Nov, 2025 | 22:16

DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.4HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-125Secondarysecurity-advisories@github.com
CWE-787Secondarysecurity-advisories@github.com
CWE ID: CWE-125
Type: Secondary
Source: security-advisories@github.com
CWE ID: CWE-787
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibresecurity-advisories@github.com
N/A
https://github.com/github/securitylab/tree/main/SecurityExploits/DjVuLibre/MMRDecoder_scanruns_CVE-2025-53367security-advisories@github.com
N/A
https://securitylab.github.com/advisories/GHSL-2025-055_DjVuLibre/security-advisories@github.com
N/A
https://sourceforge.net/p/djvu/djvulibre-git/ci/33f645196593d70bd5e37f55b63886c31c82c3dasecurity-advisories@github.com
N/A
https://www.openwall.com/lists/oss-security/2025/07/03/1security-advisories@github.com
N/A
http://www.openwall.com/lists/oss-security/2025/07/03/1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2025/07/18/3af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.debian.org/debian-lts-announce/2025/07/msg00007.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre/134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/github/securitylab/tree/main/SecurityExploits/DjVuLibre/MMRDecoder_scanruns_CVE-2025-53367
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://securitylab.github.com/advisories/GHSL-2025-055_DjVuLibre/
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://sourceforge.net/p/djvu/djvulibre-git/ci/33f645196593d70bd5e37f55b63886c31c82c3da
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://www.openwall.com/lists/oss-security/2025/07/03/1
Source: security-advisories@github.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/07/03/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2025/07/18/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/07/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre/
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

63Records found
CVE-2025-47754
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.4||HIGH
EPSS-0.13% / 31.82%
||
7 Day CHG~0.00%
Published-19 May, 2025 | 07:45
Updated-19 May, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!Conv_Macro_Data function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-monitouch_v-sftV-SFT
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-47760
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.4||HIGH
EPSS-0.13% / 31.82%
||
7 Day CHG~0.00%
Published-19 May, 2025 | 07:48
Updated-19 May, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6MemInIF!set_temp_type_default function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-monitouch_v-sftV-SFT
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-47752
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.4||HIGH
EPSS-0.13% / 31.82%
||
7 Day CHG~0.00%
Published-19 May, 2025 | 07:44
Updated-19 May, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds write in VS6ComFile!MakeItemGlidZahyou function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-monitouch_v-sftV-SFT
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-47755
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.4||HIGH
EPSS-0.13% / 31.82%
||
7 Day CHG~0.00%
Published-19 May, 2025 | 07:46
Updated-19 May, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!VS4_SaveEnvFile function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-monitouch_v-sftV-SFT
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-47758
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.4||HIGH
EPSS-0.13% / 31.82%
||
7 Day CHG~0.00%
Published-19 May, 2025 | 07:47
Updated-19 May, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

V-SFT v6.2.5.0 and earlier contains an issue with stack-based buffer overflow in VS6File!CTxSubFile::get_ProgramFile_name function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-monitouch_v-sftV-SFT
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-47756
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-8.4||HIGH
EPSS-0.13% / 31.82%
||
7 Day CHG~0.00%
Published-19 May, 2025 | 07:46
Updated-19 May, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

V-SFT v6.2.5.0 and earlier contains an issue with out-of-bounds read in VS6EditData!CGamenDataRom::set_mr400_strc function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-monitouch_v-sftV-SFT
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-4098
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.20%
||
7 Day CHG~0.00%
Published-08 May, 2025 | 17:45
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in Horner Automation Cscape

Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape.

Action-Not Available
Vendor-Horner Automation
Product-Cscape
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-37119
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.28%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-07 Apr, 2026 | 14:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a carefully constructed exploit.

Action-Not Available
Vendor-nsasoftNsasoft
Product-nsauditorNsauditor
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-37011
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.58%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-12 May, 2026 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gnome Fonts Viewer 3.34.0 Heap Corruption

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to cause an infinite malloc() loop and potentially crash the gnome-font-viewer process.

Action-Not Available
Vendor-The GNOME Project
Product-Fonts Viewer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-41413
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.72%
||
7 Day CHG~0.00%
Published-17 Jun, 2025 | 20:22
Updated-18 Jun, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fuji Electric Smart Editor Out-of-bounds Write

Fuji Electric Smart Editor is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-Smart Editor
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-41392
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.66%
||
7 Day CHG~0.00%
Published-18 Aug, 2025 | 21:07
Updated-28 Nov, 2025 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share Out-of-bounds Read

In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

Action-Not Available
Vendor-Vellum Investment Partners, LLC
Product-argonlithiumcobalt_sharecobaltxenonLithiumCobalt ShareCobaltXenonArgon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-32412
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.72%
||
7 Day CHG~0.00%
Published-17 Jun, 2025 | 20:18
Updated-18 Jun, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fuji Electric Smart Editor Out-of-bounds Read

Fuji Electric Smart Editor is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-Fuji Electric Co., Ltd.
Product-Smart Editor
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-2480
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.4||HIGH
EPSS-0.18% / 39.72%
||
7 Day CHG~0.00%
Published-20 Mar, 2025 | 16:49
Updated-16 Oct, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Santesoft Sante DICOM Viewer Pro Out-of-bounds Write

Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker.

Action-Not Available
Vendor-Santesoft LTD
Product-dicom_viewer_proSante DICOM Viewer Pro
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • Next
Details not found