14 matches found
CVE-2026-5445
An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...
EUVD-2026-20926
An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...
CVE-2026-5445
An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...
UBUNTU-CVE-2026-5445
An out-of-bounds read vulnerability exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic used for PALETTE COLOR images does not validate pixel indices against the lookup table size. Crafted images containing indices larger than the palette size...
PT-2026-31634
Name of the Vulnerable Software and Affected Versions DicomImageDecoder affected versions not specified Description An out-of-bounds read issue exists in the DecodeLookupTable function within DicomImageDecoder.cpp. The lookup-table decoding logic for PALETTE COLOR images does not validate pixel...
TeleMessage 安全漏洞
TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier, which stems from the heap content of a JSP application containing a password sent over HTTP...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2795)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2575)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
curl 安全漏洞
curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl, which stems from the fact that given a syntactically incorrect field, the contents of the heap may be returned to the application or cause a crash...
CVE-2024-7264
libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen getting performed on a pointer to a heap buffer area that i...
ruby: BasicSocket#read_nonblock method leads to information disclosure
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...
Redis Labs Redis 输入验证错误漏洞
Redis Labs Redis is an open source, network-enabled, memory-based, persistent logging, key-value Key-Value storage database written in ANSI C with a multilingual API from Redis Labs, Inc. An input validation error vulnerability exists in Redis, which could expose arbitrary contents of the heap or...
An issue was discovered in Ruby 2.5.x through 2.5.7 2.6.x through 2.6.5 and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size buffer exception: false) the method resizes the buffer to fit the requested size but no data is copied. Thus the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.
...
xen: security and bugfix update (important)
XEN was updated to fix security issues and bugs. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-7155:...