EUVD-2026-38191

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

CVE-2026-2049

A flaw was found in GIMP. This heap-based buffer overflow vulnerability, located in the HDR file parsing component, allows a remote attacker to execute arbitrary code. User interaction is required for exploitation, as the target must open a malicious HDR file. The flaw occurs due to a lack of...

EulerOS 2.0 SP13 : vim (EulerOS-SA-2026-2361)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on...

Adobe Acrobat Reader DC TIF File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

SUSE CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

CVE-2021-4478

Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the...

CVE-2021-4478

Dräger CC-Vision Basic prior to 7.5.3 and CC-Vision E-Cal prior to 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during parsing, potentially crashing the application or allowing code execution on the host. The avail...

SUSE SLES16 Security Update : localsearch (SUSE-SU-2026:21854-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21854-1 advisory. - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files...

openSUSE 16 Security Update : localsearch (openSUSE-SU-2026:20821-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20821-1 advisory. - CVE-2026-1764: Fixed a heap buffer overflow leads to denial of service or information disclosure when parsing MP3 files. bsc1257606 -...

CVE-2026-7454 WRL File Parsing Memory Corruption in Autodesk 3ds Max

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2026-7453

CVE-2026-7453 : A memory exhaustion issue occurs when parsing a malicious WRL file in Autodesk 3ds Max, causing a stack exhaustion and denial-of-service. The NVD entry confirms the description and lists a CVSSv3.1 base score of 5.3 (Medium) with local attack vector, low complexity, no privileges,...

CVE-2026-7452 WRL File Parsing Memory Corruption in Autodesk 3ds Max

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2026-7450

CVE-2026-7450 : A malicious PAR file parsed by Autodesk 3ds Max can trigger a NULL pointer dereference in the PAR file parser, leading to application crash and a potential denial-of-service condition. Affected software: Autodesk 3ds Max (PAR parsing path). Root cause: NULL pointer dereference. CV...

CVE-2026-7450 PAR File Parsing NULL Pointer Dereference in Autodesk 3ds Max

A maliciously crafted PAR file, when parsed through Autodesk 3ds Max, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition...

GIMP: GIMP: Arbitrary code execution via specially crafted PSD file

A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...

Important: Red Hat Security Advisory: gimp:2.8 security update

An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

Autodesk 3ds Max 安全漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max, which may lead to a denial-of-service attack due to a stack overflow issue occurring during the parsing of specially crafted WRL files...

Autodesk 3ds Max 安全漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There is a security vulnerability in Autodesk 3ds Max. This vulnerability arises from the possibility of memory corruption during the parsing of specially crafted WRL files. Malicious actors may exploit...

RHEL 8 : gimp:2.8 (RHSA-2026:20552)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20552 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...