34815 matches found
SUSE CVE-2026-10879
DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require fou...
CVE-2026-11672
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-11672
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
Security Bulletin: NVIDIA DALI - June 2026
NVIDIA has released a software update for NVIDIA® DALI. To protect your system, clone or update this software to DALI v2.1 or later from NVIDIA/DALI on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...
CVE-2026-11672
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11672
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11672
CVE-2026-11672 describes a heap buffer overflow in the GPU component of Google Chrome on Android prior to 149.0.7827.103. Root cause: heap buffer overflow in GPU memory handling when the renderer is compromised via a crafted HTML page, potentially enabling a sandbox escape. Impact: high-severity ...
CVE-2026-44420
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CBCLIPCAPS PDU with a too-small capabilitySetLength. This can crash the server process...
CVE-2026-44421
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...
libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob
A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...
CVE-2026-42536
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-42536
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-42536
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-42536 Apache HTTP Server: mod_xml2enc heap overflow
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-42536 Apache HTTP Server: mod_xml2enc heap overflow
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-34356
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-34356
CVE-2026-34356 is a heap-based buffer overflow in Apache HTTP Server (affecting 2.4.0–2.4.67) involving malicious backend servers and ProxyPassReverseCookie. The issue could allow a crash or similar impact (per CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H; base score 7.5). Fixed by upgrading to...
CVE-2026-34356
Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
JLSEC-2026-594
An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in incfopen in modules/preprocs/nasm/nasm-pp.c...
CVE-2026-10231
A flaw was found in Assimp, a library for importing various 3D model formats. A local attacker could exploit a heap-based buffer overflow vulnerability in the Half-Life 1 MDL Loader component. By manipulating a specific argument, an attacker could cause the application to crash, leading to a deni...