Out-of-bounds Read
Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the vvdec_push_data2 function of the HEIF File Parser component. An attacker can cause an out-of-bounds read by manipulating the size argument during local exploitation. Remediation: A fix was pushed into the master...
UBUNTU-CVE-2026-3949
A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component HEIF File Parser. Executing a manipulation of the argument size can lead to out-of-bounds read. The attack needs to be launched...
CVE-2026-3949
CVE-2026-3949 — libheif (up to 1.21.2) has a vulnerability in the HEIF File Parser component. The issue is in the function vvdec_push_data2 (libheif/plugins/decoder_vvdec.cc), where manipulating the argument size can cause an out-of-bounds read. The vulnerability requires local access to exploit...
PT-2026-24787
Name of the Vulnerable Software and Affected Versions: strukturag libheif versions up to 1.21.2. Description: A flaw exists in strukturag libheif that allows for an out-of-bounds read. The issue resides in the vvdec_push_data2 function within the libheif/plugins/decoder_vvdec.cc file of the HEIF Fil...
EUVD-2026-10173
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...
CVE-2026-3665
A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...
EUVD-2026-10155
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...
CVE-2026-3663
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...
CVE-2026-3664
Affected product: xlnt-community xlnt (up to 1.6.1). Vulnerable component: xlnt::detail::compound_document::read_directory in source/detail/cryptography/compound_document.cpp of the Encrypted XLSX File Parser. Issue type: out-of-bounds read caused by manipulation, with local execution requirement...
CVE-2026-3663
The CVE-2026-3663 issue affects xlnt-community xlnt up to 1.6.1, specifically the xlnt::detail::compound_document_istreambuf::xsgetn function in source/detail/cryptography/compound_document.cpp of the XLSX File Parser. A manipulation can trigger an out-of-bounds read, with local access required. ...
PT-2026-23859
A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compound_document_istreambuf::xsgetn of the file source/detail/cryptography/compound_document.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read...
Wireshark 4.6.x < 4.6.4 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.6.4. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.6.4 advisory. - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of...
libbiosig Security Vulnerability
Libbiosig is an open-source software library developed by the BioSig Project for biomedical signal processing. It includes functions for bio-signal analysis. Version 3.9.2 of Libbiosig contains a security vulnerability; this vulnerability stems from an out-of-bound read operation in the ABF parsi...
CVE-2026-3407
A flaw was found in YosysHQ yosys, specifically within the BLIF File Parser component. A local user can exploit a heap-based buffer overflow vulnerability by manipulating the Yosys::RTLIL::Const::set function. This manipulation can lead to a denial of service, making the affected system unavailab...
CVE-2026-3407 YosysHQ yosys BLIF File rtlil.h set heap-based overflow
A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
EUVD-2026-9140
A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
CVE-2026-3407
A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
PT-2026-22538
A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
CVE-2026-3394
A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud_wav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated from a local...
CVE-2026-3394
The CVE-2026-3394 entry concerns jarikomppa soloud up to 20200207, affecting SoLoud::Wav::loadwav in src/audiosource/wav/soloud_wav.cpp of the WAV File Parser. The vulnerability results in memory corruption when a manipulation is performed, with the attack requiring local access. Multiple sources...