80 matches found
JLSEC-2026-552
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized...
Unity Linux 20.1060e / 20.1070e Security Update: gd (UTSA-2026-016663)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016663 advisory. read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA...
SUSE SLES12 Security Update : libsndfile (SUSE-SU-2026:1969-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1969-1 advisory. This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircam_read_header function of file src/ircam.c whe...
JLSEC-2026-360
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file...
CLSA-2026-1777301041 gd: Fix of CVE-2021-38115
Fix CVE-2021-38115: out-of-bounds read in read_header_tga...
Security Bulletin: Ruby WEBrick read_header HTTP Request Smuggling Vulnerability (ZDI-CAN-21876), affects watsonx.data
Summary: Ruby WEBrick is vulnerable to HTTP request smuggling via the read_header method due to inconsistent parsing of HTTP header terminators. Exploitation is possible when deployed behind certain HTTP proxies, allowing attackers to smuggle arbitrary HTTP requests. This can affect watsonx.data...
PT-2025-52901
Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified). Description: The Linux kernel’s NTFS3 filesystem component contains a flaw where allocated memory is not initialized before use. This issue is identified through Kernel Memory Sanitizer (KMSAN) reports...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2024-35221: Fixed remote DoS via YAML manifest bsc1225905; CVE-2024-47220: Fixed HTTP request smuggling in WEBrick bsc1230930; CVE-2024-49761: Fixed ReDOS vulnerability by updating REXML to 3.3.9 bsc1232440; CVE-2025-24294: Fixed denial of...
EUVD-2013-0884
Malware in sbrugna...
Unity Linux 20.1070e Security Update: rubygem-webrick (UTSA-2025-984790)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984790 advisory. Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations...
Unity Linux 20.1070e Security Update: ruby (UTSA-2025-984668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984668 advisory. Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations...
Security Bulletin: Astronomer with IBM is vulnerable to request smuggling due to the Ruby WEBrick package (CVE-2025-6442)
Summary: WEBrick is used by Astronomer with IBM as part of the application processing functionality. Vulnerability Details: CVEID: CVE-2025-6442. DESCRIPTION: Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on...
Linux Distros Unpatched Vulnerability : CVE-2024-55069
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c. CVE-2024-55069 Note that Nessus relies on the presenc...
ROS-20250826-03
A vulnerability in the WEBrick library of the Ruby programming language interpreter is related to incorrect checking of HTTP requests in the read_header method. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform HTTP request spoofin...
AZL-66669 CVE-2025-52194 affecting package libsndfile 1.0.31-4
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential co...
CVE-2025-52194
A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential co...
CVE-2025-52194
Removed by vendor...
openjpeg: OpenJPEG OOB heap memory write
An out-of-bounds (OOB) heap memory write flaw was found in OpenJPEG. A call to opj_jp2_read_header may lead to an OOB heap memory write when the data stream p_stream is too short and p_image is not initialized...
Linux Distros Unpatched Vulnerability : CVE-2025-6442
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ruby WEBrick read_header HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected...
Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
...