RockyLinux 9 : httpd (RLSA-2026:21391)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21391 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due...

RLSA-2026:19127 Important: gdk-pixbuf2 security update

The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. Security Fixes: gdk-pixbuf: gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JP...

RockyLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RLSA-2026:19180)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19180 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

AlmaLinux 10 : httpd (ALSA-2026:21433)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21433 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due...

Apache HTTP Server: mod_proxy_ajp: Apache HTTP Server mod_proxy_ajp: Arbitrary code execution via heap-based buffer overflow

A flaw was found in modproxyajp of Apache HTTP Server. This heap-based buffer overflow vulnerability allows a remote attacker, by connecting to a malicious AJP Apache JServ Protocol server, to send a specially crafted message. This message can cause modproxyajp to write attacker-controlled data...

Apache HTTP Server: mod_proxy_ajp: Apache HTTP Server mod_proxy_ajp: Arbitrary code execution via heap-based buffer overflow

A flaw was found in modproxyajp of Apache HTTP Server. This heap-based buffer overflow vulnerability allows a remote attacker, by connecting to a malicious AJP Apache JServ Protocol server, to send a specially crafted message. This message can cause modproxyajp to write attacker-controlled data...

JLSEC-2026-559

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

EUVD-2026-31813

A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...

CVE-2026-25104

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability...

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib versions: 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

Heap-based Buffer Overflow

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVE-2026-28764

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability...

EUVD-2026-31255

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability...

CVE-2026-28764

Technical details (affected product versions, root cause, impact, and remediation) are not publicly available in the provided documents; monitor for updates.

PT-2026-42444

Name of the Vulnerable Software and Affected Versions MediaArea MediaInfoLib affected versions not specified Description A heap-based buffer overflow occurs during the parsing of LXF elements. A heap-based buffer overflow is a memory corruption issue that happens when an application writes more...

CVE-2026-22554

MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability...

UBUNTU-CVE-2026-22554

MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability...

CVE-2026-22554

MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability...