4013 matches found
DEBIAN-CVE-2026-54273
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, no limit was present on the number of pipelined requests that could be queued. An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS. This...
DEBIAN-CVE-2026-54279
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. This vulnerability is fixed in 3.14.1...
DEBIAN-CVE-2026-54283
Starlette is a lightweight ASGI framework/toolkit. From 0.4.1 until 1.3.1, request.form accepts maxfields and maxpartsize to bound resource consumption while parsing form data. These limits are enforced for multipart/form-data, but silently ignored for application/x-www-form-urlencoded. An...
ECHO-E231-2B20-A715
Bulletin has no description...
MINI-W6J9-V53M-GH85
Bulletin has no description...
MINI-PCFF-X6FP-HGGJ
Bulletin has no description...
DEBIAN-CVE-2026-56411
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...
MINI-V422-5GRW-3CHG
Bulletin has no description...
DEBIAN-CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
DEBIAN-CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...
DEBIAN-CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
DEBIAN-CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...
MINI-H53V-CVGC-4FFM
Bulletin has no description...
MINI-7CH9-VMFQ-4J5X
Bulletin has no description...
MINI-R2QJ-36R2-GJ58
Bulletin has no description...
MINI-P58P-5P4R-P6RX
Bulletin has no description...
CGA-5RF3-F5P3-G7P3
Bulletin has no description...
CGA-4XF2-3GVC-QQCQ
Bulletin has no description...
DEBIAN-CVE-2026-49271
libheif is a HEIF and AVIF file format decoder and encoder. Prior to version 1.22.1, the uncompressed HEIF decoder validates explicit icef compressed-unit offsets using unitoffset + unitsize. Because the addition can wrap, a crafted HEIF file can pass the range check and then construct a vector...
DEBIAN-CVE-2026-56208
A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when glaginframes is set to 1 or higher. This results in a 232-byte...