EUVD-2026-39509

Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code...

CVE-2026-2050

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

EUVD-2026-38191

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

CVE-2026-2049

A flaw was found in GIMP. This heap-based buffer overflow vulnerability, located in the HDR file parsing component, allows a remote attacker to execute arbitrary code. User interaction is required for exploitation, as the target must open a malicious HDR file. The flaw occurs due to a lack of...

EulerOS 2.0 SP13 : vim (EulerOS-SA-2026-2361)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on...

Adobe Acrobat Reader DC TIF File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

SUSE CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

CVE-2021-4478

Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the...

CVE-2021-4478

Dräger CC-Vision Basic prior to 7.5.3 and CC-Vision E-Cal prior to 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during parsing, potentially crashing the application or allowing code execution on the host. The avail...

SUSE SLES16 Security Update : localsearch (SUSE-SU-2026:21854-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21854-1 advisory. - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files...

openSUSE 16 Security Update : localsearch (openSUSE-SU-2026:20821-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20821-1 advisory. - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 -...

CVE-2026-7454 WRL File Parsing Memory Corruption in Autodesk 3ds Max

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2026-7453

CVE-2026-7453 : A memory exhaustion issue occurs when parsing a malicious WRL file in Autodesk 3ds Max, causing a stack exhaustion and denial-of-service. The NVD entry confirms the description and lists a CVSSv3.1 base score of 5.3 (Medium) with local attack vector, low complexity, no privileges,...

CVE-2026-7452 WRL File Parsing Memory Corruption in Autodesk 3ds Max

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2026-7450

CVE-2026-7450 : A malicious PAR file parsed by Autodesk 3ds Max can trigger a NULL pointer dereference in the PAR file parser, leading to application crash and a potential denial-of-service condition. Affected software: Autodesk 3ds Max (PAR parsing path). Root cause: NULL pointer dereference. CV...

CVE-2026-7450 PAR File Parsing NULL Pointer Dereference in Autodesk 3ds Max

A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...

GIMP: GIMP: Arbitrary code execution via specially crafted PSD file

A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...

Important: Red Hat Security Advisory: gimp:2.8 security update

An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...