3823 matches found
CVE-2026-38076
A flaw was found in jbig2dec. An integer overflow vulnerability in the jbig2arithiaidctxnew function allows a remote attacker to cause a Denial of Service DoS by providing a specially crafted input. This can lead to the affected system becoming unresponsive or crashing, disrupting its normal...
EUVD-2026-42767
An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-38076
An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-38076
An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-38076
An integer overflow in the jbig2arithiaidctxnew function of Artifex commit cc37d0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-38076
CVE-2026-38076 concerns an integer overflow in the Artifex jbig2dec code, specifically the function jbig2_arith_iaid_ctx_new() introduced in commit cc37d0. This overflow can be triggered by a crafted input to cause a Denial of Service (DoS) by making the affected system unresponsive or crash. The...
kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath
A flaw was found in the Linux kernel's CIFS Common Internet File System client. When the cifssanitizeprepath function processes specially crafted input, such as an empty string or a string containing only delimiters, it can attempt to read data beyond its allocated memory buffer. This out-of-boun...
DEBIAN-CVE-2026-14401
Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
GHSA-RJ4C-R689-CM87 Open Babel has out-of-bounds write in ORCA nAtoms parser
Summary A memory-safety vulnerability in Open Babel's ORCA parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the nAtoms handling of the ORCA reader. A malformed input caused the parser to write past the end of its destination buffer. Impact Open Babe...
GHSA-8QXC-57HF-HC9J Open Babel has uninitialized pointer dereference in PQS pFormat
Summary A memory-safety vulnerability in Open Babel's PQS parser caused an uninitialized pointer dereference when reading a crafted input file. Details The flaw was in the pFormat handling of the PQS reader. A malformed input caused the parser to dereference a format pointer that had never been...
GHSA-55J6-RJHX-HWFH Open Babel has NULL pointer dereference in CACAO CacaoFormat::SetHilderbrandt
Summary A memory-safety vulnerability in Open Babel's CACAO parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in CacaoFormat::SetHilderbrandt. A malformed input caused the parser to dereference a NULL pointer while applying the Hilderbrandt...
GHSA-8WQ6-QH76-WPV9 Open Babel has heap buffer overflow in ChemKin ChemKinFormat::CheckSpecies
Summary A memory-safety vulnerability in Open Babel's ChemKin parser caused a heap buffer overflow when reading a crafted input file. Details The flaw was in ChemKinFormat::CheckSpecies. A malformed species record caused the parser to write past the end of a heap-allocated buffer. Impact Open Bab...
EUVD-2026-41101
Improper Output Neutralization for Logs CWE-117 in Kibana can lead to log injection via Log Injection-Tampering-Forging CAPEC-93. An attacker can supply specially crafted input that is written to log files without proper neutralization. When the log files are subsequently viewed in a terminal tha...
Linux Distros Unpatched Vulnerability : CVE-2026-13149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive...
GHSA-4W5W-4FHM-Q483 Open Babel has NULL pointer dereference in MOL2 OBAtom::SetFormalCharge
Summary A memory-safety vulnerability in Open Babel's MOL2 file format parser caused a NULL pointer dereference when reading a crafted input file. Details The flaw was in OBAtom::SetFormalCharge as called from the MOL2 parser. A malformed atom record caused the parser to call the method on a NULL...
UBUNTU-CVE-2026-13149
brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...
CVE-2026-45822
decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...
UBUNTU-CVE-2026-45822
decode-uri-component through 0.4.1 is vulnerable to denial of service. The decode function splits input on '%' producing N tokens and calls decodeComponents, exhibiting super-linear parsing time: 200 '%ab' tokens takes approximately 0.7s, 700 tokens approximately 6s, and 1400 tokens approximately...
SUSE-SU-2026:2697-1 Security update for opensc
This update for opensc fixes the following issues - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to cra...
SUSE-SU-2026:2693-1 Security update for podman
This update for podman fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262856. - CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598:...