BIT-GDAL-2026-8088 OSGeo gdal GDapi.c GDfieldinfo out-of-bounds

A weakness has been identified in OSGeo gdal up to 3.13.0. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the public a...

EUVD-2026-28436

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the...

GHSA-J3F5-RW74-G4RV OSGeo GDAL vulnerable to out-of-bounds read

A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been made available to the...

CVE-2023-30323

SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain sensitive information...

Vanilla Cross-Site Scripting Vulnerability

Vanilla is an open source multi-language, fully extensible forum program. A cross-site scripting vulnerability exists in Vanilla versions prior to 2.6.1. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the email field in the basic information...

marshmallow library for Python Information Disclosure Vulnerability

Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. marshmallow library is one of the lightweight libraries for converting complex objects into Python data...