10 matches found
httpd: mod_proxy_ajp: off-by-one out-of-bounds reads in AJP getter functions
A flaw was found in the mod_proxy_ajp module of httpd. When processing AJP (Apache JServ Protocol) messages, the AJP getter functions attempt to read data beyond the allocated buffer size, allowing an attacker or a malformed request to cause an out-of-bounds read. This issue leads to a denial of...
CVE-2026-41415 PJSIP: SIP Multipart CID URI Length Underflow
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message body. Insufficient length validation can cause reads beyond the intended buffer bounds. This...
CVE-2026-5315
CVE-2026-5315 affects Nothings stb up to 1.26, specifically the stb_truetype.h function stbtt__buf_get8. Root cause is an out-of-bounds read caused by input manipulation, enabling remote execution as described in multiple sources. Public exploit information exists, and vendor contact occurred wit...
CVE-2026-31897
FreeRDP vulnerability CVE-2026-31897: an out-of-bounds read in freerdp_bitmap_decompress_planar occurs when SrcSize is 0, dereferencing pSrcData without verifying SrcSize. This affects pre-3.24.0 releases and is fixed in 3.24.0. OpenSUSE/SUSE advisories and Amazon Linux 2 ALAS-2026-3239 also note...
PT-2023-5364 · Siemens · Tecnomatix Plant Simulation
Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation versions prior to V2201.0006. Description: The issue is related to an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code...
Adobe Acrobat Buffer Error Vulnerability
Adobe Acrobat is a suite of PDF file editing and conversion tools from the American company Adobe. A buffer error vulnerability exists in Adobe Acrobat DC versions prior to 22.003.20258 and Acrobat 2020 20.005.30407, which originates from an out-of-bounds read and could lead to a memory...
vim Buffer Error Vulnerability
Vim is an editor for UNIX-based platforms. A buffer error vulnerability exists in vim that stems from reading out of bounds in vim prior to 8.2...
Modesty Pdf2json Buffer Error Vulnerability
PDF2JSON is a conversion library based on XPDF 3.02 that can be used to convert PDF pages page by page to JSON and XML formats. PDF2JSON DCTStream::readHuffSym suffers from a denial of service vulnerability. The vulnerability stems from an invalid read of size 2. An attacker could exploit this...
curl: FTP PWD response parser out of bounds read
libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in (anonymous or not), it asks the server for the current directory with the PWD command. The server then responds with a 257 response containing the path, inside double...
Fedora 16 : net-snmp-5.7.1-3.fc16 (2012-16659)
This update fixes: - Array index error, leading to out-of heap-based buffer read (CVE-2012-2141) - Size values in hrStorageTable and hrFSTable. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...