An issue was discovered in phpMyAdmin before 4.8.5. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.