Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-12466 Heap buffer overflow in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124 – Fixed a potential overflow issue due to non-sequential channel numbers. Channel numbering must start at 0, and there should be no gaps between channels. Otherwise, it’s possible to exceed the available storage...

Astra Linux – Vulnerability in dcmtk

A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service DoS attack through a malicious DCM file...

Astra Linux – Vulnerability in faad2

A issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the stszin function located in mp4read.c. This allows an attacker to cause code execution...

Astra Linux – Vulnerability in Qemu

An integer overflow issue was identified in the vmxnet3 NIC emulator of QEMU for versions up to v5.2.0. This issue can occur if a guest provides invalid values for the rx/tx queue size or other NIC parameters. A privileged guest user may exploit this flaw to crash the QEMU process on the host,...

Astra Linux – Vulnerability in gst-plugins-ugly1.0

GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack vectors may...

Astra Linux – Vulnerability in libde265

It was discovered that Libde265 v1.0.11 contains a heap buffer overflow issue, caused by the derivecollocatedmotionvectors function in the motion.cc file...

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has a heap-based buffer overflow issue in the H5Dscattermem function within the H5Dscatgath.c file...

Astra Linux – Vulnerability in faad2

A issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. This allows an attacker to cause code execution...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32-bit systems. The “gl-totlen” variable is controlled by the user. It originates from processresponses. On 32-bit systems, the expression “gl-totlen + sizeofstruct cplpassacceptr...

Astra Linux – Vulnerability in htmldoc

There is a vulnerability in htmldoc 1.9.16. In the imageloadjpeg function, when image.cxx calls malloc, ‘img-width’ and ‘img-height’ are too large to prevent an integer overflow. As a result, the malloc function may return a heap block smaller than expected, causing a buffer overflow/Address...

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue arises from an off-by-one error that causes out-of-bounds memory access when...

Astra Linux – Vulnerability in libproxy

In libproxy, the url.cpp module in version 0.4.15 is vulnerable to a buffer overflow when PAC is enabled. This vulnerability was confirmed by using a large PAC file that was sent without a Content-length header...

Astra Linux – Vulnerability in SOX

A heap buffer overflow vulnerability was discovered in sox, within the lsxreadbuf function at sox/src/formatsi.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure...

Astra Linux – Vulnerability in fig2dev

Fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...

Astra Linux – Vulnerability in Graphviz

A buffer overflow in the Graphviz Graph Visualization Tools, starting from the commit ID f8b9e035 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service application crash by loading a crafted file into the "lib/common/shapes.c" component...

Astra Linux – Vulnerability in unbound

Unbound before version 1.9.5 allows for an integer overflow in the regional allocator through regionalalloc. NOTE: The vendor denies that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be exploited remotely or locally...

Astra Linux – Vulnerability in libvncserver

It was discovered that the websockets.c file in LibVNCServer prior to version 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, resulting in a heap-based buffer overflow...

Astra Linux – Vulnerability in Wireshark

A buffer overflow in the C12.22 dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows for denial of service through packet injection or malicious capture files...