[SECURITY] Fedora 44 Update: SDL2_image-2.8.12-1.fc44

Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats BMP, PPM, PCX, GIF, JPEG, PNG as SDL surfaces...

[SECURITY] Fedora 42 Update: libopenmpt-0.8.6-1.fc42

libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

[SECURITY] Fedora 42 Update: cpp-httplib-0.37.2-1.fc42

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code!...

UBUNTU-CVE-2026-21428

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the writeheaders function does not check for CR & LF characters in user supplied headers, allowing untrusted header value to escape header lines. This vulnerability allows attackers to add...

PT-2025-29150 · Unknown +1 · Cpp-Httplib +1

Name of the Vulnerable Software and Affected Versions: cpp-httplib versions prior to 0.20.1 Description: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Versions prior to 0.20.1 do not have a limit for a unique line, which allows an attacker to allocate memory...

The vulnerability of the FileHandler component of the cross-platform 3D model import library Assimp (Open Asset Import Library) allows a hacker to trigger a service failure.

The vulnerability of the FileHandler component in the cross-platform Assimp 3D model import library Open Asset Import Library is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVE-2023-39969

uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Version 1.0.9 of uthenticode hashed the entire file rather than hashing sections by virtual address, in violation of the Authenticode specification. As a result, an attacker could modify code...

CVE-2023-39969 uthenticode signature validation bypass vulnerability

uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Version 1.0.9 of uthenticode hashed the entire file rather than hashing sections by virtual address, in violation of the Authenticode specification. As a result, an attacker could modify code...

CVE-2023-40012 uthenticode EKU validation bypass

uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Versions of uthenticode prior to the 2.x series did not check Extended Key Usages in certificates, in violation of the Authenticode X.509 certificate profile. As a result, a malicious user could...

LIEF 缓冲区错误漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. LIEF has a security vulnerability that stems from a heap buffer overflow in the printbinary function in /c/machoreader.c. The vulnerability is caused b...

USN-5274-1: Simple DirectMedia Layer vulnerabilities

It was discovered that Simple DirectMedia Layer library incorrectly handled memory when parsing certain specially crafted .BMP files. An attacker could possibly use these issues to crash the application or execute arbitrary code...

[SECURITY] Fedora 35 Update: libopenmpt-0.5.15-1.fc35

libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

GPAC Project on Advanced Content Integer Overflow Vulnerability (CNVD-2021-82984)

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering. an integer overflow vulnerability exists in the MPEG-4 decoding functionality in GPAC Project on Advanced...

The vulnerability in the cross-platform library LibVNCServer’s component libvncserver/scale.c allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability in the component libvncserver/scale.c of the cross-platform library LibVNCServer is due to a numerical overflow in pixelvalue. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability in the `libvncserver/translate.c` component of the cross-platform library LibVNCServer allows a attacker to cause a service failure.

The vulnerability of the libvncserver/translate.c component within the cross-platform library LibVNCServer is related to errors in the code. Exploiting this vulnerability may allow a malicious actor to cause service failures remotely...

The vulnerability of the WriteCMYKImage function in the cross-platform library for working with GraphicsMagick allows a hacker to execute arbitrary code within the context of a vulnerable application.

The vulnerability of the WriteCMYKImage function in the cross-platform library for working with GraphicsMagick is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code within the vulnerable...

The vulnerability of the WriteRGBImage function in the cross-platform library for working with GraphicsMagick allows a hacker to induce a service failure.

The vulnerability of the WriteRGBImage function in the cross-platform library for working with GraphicsMagick is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...

The vulnerability of the ReadSUNImage function (coders/sun.c) in the cross-platform library for working with graphics, GraphicsMagick, allows a hacker to trigger a service failure.

The vulnerability of the ReadSUNImage function coders/sun.c in the cross-platform library for working with graphics, GraphicsMagick, arises due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause a system failure...