501 matches found
EUVD-2022-49107
Open Babel has out-of-bounds write in ORCA nAtoms parser...
EUVD-2022-47394
Open Babel has uninitialized pointer dereference in MSI atom parser...
EUVD-2022-46603
Open Babel has out-of-bounds write in MOL2 attribute/value parser...
EUVD-2022-45947
Open Babel has uninitialized pointer dereference in GRO residue parser...
EUVD-2022-44961
Open Babel has out-of-bounds write in CSR PadString title field...
CVE-2026-53703
A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...
CVE-2025-7017
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows MSI file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before...
CVE-2025-14098
Avira Antivirus engine heap buffer out-of-bounds write (integer overflow) when scanning a malformed MS-DOS executable file. Affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.104. Impact: local code execution or denial-of-service of the antivirus engine process. ...
CVE-2025-7019
CVE-2025-7019 describes a stack overflow in Avast/Gen Digital antivirus scanning of malformed Office Open XML files, causing Denial-of-Service of the antivirus process. Affected products include Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows/m...
CVE-2025-7019 Avast antivirus stack overflow when scanning a malformed Office Open XML file
Stack overflow vulnerability in Avast Antivirus when scanning a malformed Office Open XML file may allow Denial-of-Service of the antivirus process. This issue affects Avast Antivirus, AVG Antivirus, Norton Antivirus, Avast One, and Avast Business Antivirus on Windows, macOS, and Linux for virus...
SUSE CVE-2022-46291
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
UBUNTU-CVE-2026-41069
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...
CVE-2026-41069
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...
CVE-2026-9100
The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents in a GridFS collection may cause any application that reads those files via the legacy API to either crash via a division-by-zero or silently leak process memo...
PT-2026-39782
Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5 iPadOS versions prior to 26.5 macOS Tahoe versions prior to 26.5 tvOS versions prior to 26.5 visionOS versions prior to 26.5 watchOS versions prior to 26.5 Description An out-of-bounds access issue occurs when parsin...
CVE-2026-41684 Incus: Nil Dereferences on Restore via Malformed YAML
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid...
CVE-2026-41684
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid...
GHSA-X5R6-JR56-89PV Incus has Nil Dereferences on Restore via Malformed YAML
Summary Details It was found that backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid inline config that passes the initial import...
Delta Electronics ASDA-Soft 安全漏洞
Delta Electronics ASDA-Soft is an AC servo motor from Delta Electronics China. The Delta Electronics ASDA-Soft suffers from a stack buffer overflow vulnerability caused by incorrect boundary checking when parsing an incorrectly formatted .par file, which can be exploited by an attacker to execute...
EUVD-2026-7407
OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp...