CVE-2026-39103

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...

PT-2026-37061

Name of the Vulnerable Software and Affected Versions GPAC versions prior to commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 Description A buffer overflow allows an attacker to cause a denial of service. This issue occurs within the src/scenegraph/svg attributes.c file, specifically involving th...

OESA-2026-1648 qt5-qtsvg security update

The Qt SVG module provides functionality for displaying SVG images in widget, and to create SVG files using drawing commands. Security Fixes: The module will parse a pattern node which is not a child of a structural node. The node will be deleted after creation but might be accessed later leading...

CVE-2026-27621

TypiCMS is a multilingual content management system based on the Laravel framework. A Stored Cross-Site Scripting XSS vulnerability exists in the file upload module of TypiCMS prior to version 16.1.7. The application allows users with file upload permissions to upload SVG files. While there is a...

CVE-2026-25989

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check instead of = that allows bypass the guard and reach an undefined sizet cast...

CVE-2018-1000639

LatexDraw version =4.0 contains a XML External Entity XXE vulnerability in SVG parsing functionality that can result in disclosure of data, server side request forgery, port scanning, possible rce. This attack appear to be exploitable via Specially crafted SVG file...

ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack

Summary Using Magick to read a malicious SVG file resulted in a DoS attack. Details bt obtained using gdb: 4 0x0000555555794c9c in ResizeMagickMemory memory=0x7fffee203800, size=391344 at MagickCore/memory.c:1443 5 0x0000555555794e5a in ResizeQuantumMemory memory=0x7fffee203800, count=48918,...

EUVD-2007-3702

Malware in sbrugna...

EUVD-2011-3862

Malware in sbrugna...

EUVD-2018-1973

Malware in sbrugna...

EUVD-2017-3085

Malware in sbrugna...

EUVD-2017-12061

Malware in sbrugna...

EUVD-2025-9975

Malicious code in bioql PyPI...

EUVD-2025-9973

Malicious code in bioql PyPI...

EUVD-2025-9976

Malicious code in bioql PyPI...

EUVD-2025-9971

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-38193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a...

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVE-2017-1000498

AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution...

Huawei HarmonyOS buffer overflow vulnerability (CNVD-2025-11087)

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a buffer overflow vulnerability that stems from a security issue in the SVG parsing module, which can be exploited by an attacker to affect availability...