OSV-2026-815 Heap-buffer-overflow in ihevcd_sao_shift_ctb

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422427 Crash type: Heap-buffer-overflow READ 1 Crash state: ihevcdsaoshiftctb ihevcdprocess ihevcdparseslicedata...

JLSEC-2026-519

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...

SUSE CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

Astra Linux - уязвимость в opensc

Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...

Astra Linux - уязвимость в dbus

A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format...

UBUNTU-CVE-2026-44608

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met multi-threaded, RPZ XFR reload, RPZ zone with 'rpz-nsip'/'rpz-nsdname' triggers it could result in heap use-after-free and eventual crash. An adversary can...

OSV-2026-759 UNKNOWN READ in bfd_getb32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513690224 Crash type: UNKNOWN READ Crash state: bfdgetb32 nds32elflo12reloc bfdperformrelocation...

UBUNTU-CVE-2026-33007

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

OSV-2026-623 Use-of-uninitialized-value in Mat_PrintNumber

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=505903317 Crash type: Use-of-uninitialized-value Crash state: MatPrintNumber MatPrintData MatVarPrint...

UBUNTU-CVE-2026-33593

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

OSV-2026-608 Stack-buffer-overflow in is_http

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504809218 Crash type: Stack-buffer-overflow READ Crash state: ishttp stungetmessagelenstr FuzzStunClient.c...

OSV-2026-196 Null-dereference READ in ubsan_GetStackTrace

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481752521 Crash type: Null-dereference READ Crash state: ubsanGetStackTrace...

EUVD-2005-0750

Malware in sbrugna...

EUVD-2021-29736

Malicious code in bioql PyPI...

OSV-2025-762 Use-of-uninitialized-value in fuzzer_send

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=445773944 Crash type: Use-of-uninitialized-value Crash state: fuzzersend SendBuffered SendFinished...

CVE-2025-59398

The OCPP implementation in libocpp before 0.26.2 allows a denial of service EVerest crash via JSON input larger than 255 characters, because a CiString object is created with StringTooLarge set to Throw...

CVE-2025-47736

dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...

CVE-2025-32396

An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet...

USN-7286-1 iniparser vulnerability

It was discovered that iniParser incorrectly handled certain files. An attacker could possibly use this issue to cause iniParser to crash, resulting in a denial of service...

CVE-2024-11864

Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP...