2492 matches found
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the cencschemedecrypt, cbc1schemedecrypt, censschemedecrypt, and cbcsschemedecrypt paths in libavformat/mov.c. An attacker can trigger out-of-bounds subsample size validation by supplying a crafted...
MiracleLinux 9 : nginx-1.20.1-24.el9_7.2.ML.1 (AXSA:2026-435:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-435:02 advisory. nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files CVE-2026-32647 NGINX: NGINX: Denial of Service or file modification...
CVE-2026-6364
Out of bounds read in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted file. Chromium security severity: Medium...
CVE-2026-40919
A flaw was found in GIMP. This vulnerability, a buffer overflow in the file-seattle-filmworks plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacker could leverage this to cause a denial of service DoS, leading to the plugin crashing and potential...
CVE-2026-40917
CVE-2026-40917 is reported in GIMP as a heap over-read in the ICNS image loader via icns_slurp() when processing crafted ICNS files. Affected software is GIMP; the vulnerability may cause application crashes or information disclosure. The connected documents corroborate the issue across multiple ...
CVE-2026-27294
Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current use...
CVE-2026-27294 Adobe Framemaker | Out-of-bounds Read (CWE-125)
Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current use...
CVE-2026-27294 Adobe Framemaker | Out-of-bounds Read (CWE-125)
Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current use...
EUVD-2026-22687
Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
CVE-2026-27287
InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
CVE-2026-27289
Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
CVE-2026-27289 Photoshop Desktop | Out-of-bounds Read (CWE-125)
Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
CVE-2026-27289
Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
EUVD-2026-22438
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the curre...
CVE-2026-27284
InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the curre...
CVE-2026-27284
CVE-2026-27284 affects InDesign Desktop versions 20.5.2, 21.2 and earlier. It is an out-of-bounds read vulnerability (CWE-125) that occurs when parsing a crafted file, potentially causing code execution in the context of the current user. Exploitation requires user interaction (the victim must op...
PT-2026-32943
Name of the Vulnerable Software and Affected Versions Adobe Framemaker versions prior to 2022.9 Description An out-of-bounds read occurs when parsing a crafted file, which can lead to a read past the end of an allocated memory structure. This issue allows an attacker to execute code within the...
Adobe InCopy 缓冲区错误漏洞
Adobe InCopy is a text editing software for creative purposes developed by Adobe, Inc. Versions of Adobe InCopy such as 20.5.2 and 21.2 and earlier have a buffer error vulnerability. This vulnerability stems from an out-of-bounds read during the parsing of specially crafted files, which may allow...
PT-2026-32700
Name of the Vulnerable Software and Affected Versions InDesign Desktop versions 20.5.2 and 21.2 and earlier Description An out-of-bounds read occurs when parsing a crafted file, which can lead to a read past the end of an allocated memory structure. This issue allows an attacker to execute code i...
Ubuntu: Security Advisory (USN-8166-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...