9227 matches found
CVE-2026-53877
An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...
CVE-2026-53877 Heap buffer over-read in GDALRaster
An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...
EUVD-2026-42044
An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16. django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the vsibuffer...
PT-2026-56196
Name of the Vulnerable Software and Affected Versions Django versions 6.0 through 6.0.6 Django versions 5.2 through 5.2.15 Description An issue exists where django.contrib.gis.gdal.GDALRaster over-reads its in-memory buffer when constructed from a bytes object. This can lead to the disclosure of...
BIT-ENVOY-2026-47220 Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTEDSERVERNAMEX:Y% is used in log format and host related options is specified, like HOSTFIRST, SNIFIRST, it's possible to crash Envoy when the specified host...
BIT-ENVOY-2026-47204 Envoy: grpc_stats filter segfault on Connect protocol requests to direct_response routes
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the envoy.filters.http.grpcstats filter crashes null pointer dereference / segfault when a Connect protocol request Content-Type: application/connect+proto...
CVE-2026-47220 Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTEDSERVERNAMEX:Y% is used in log format and host related options is specified, like HOSTFIRST, SNIFIRST, it's possible to crash Envoy when the specified host...
CVE-2026-47220
The CVE describes a crash in Envoy when using %REQUESTED_SERVER_NAME(X:Y)% in log format with host-related options (e.g., HOST_FIRST, SNI_FIRST) and the specified host header is missing in the request headers. Affected versions are 1.37.0 through 1.37.5 and 1.38.3. The vulnerability arises from t...
CVE-2026-47205
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free UAF vulnerability leading to a sudden segmentation fault exists in Envoy's extauthz HTTP filter when processing per-route authorization overrides...
CVE-2026-47205
CVE-2026-47205 affects Envoy’s ext_authz HTTP filter. From 1.36.0 through 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) occurs when processing per-route authorization overrides concurrently with rapid downstream disconnects. The vulnerable flow creates a transient per-route client and reallo...
CVE-2026-21734
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
CVE-2026-21734 GPU DDK - libusc OOB write at TreeRemove during WebGPU shader compilation
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
EUVD-2026-39785
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
CVE-2026-21734
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
PT-2026-52841
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A GPU shader compiler library contains a flaw where loading a web page with unusual GPU shader code can trigger an out-of-bounds write. This occurs during an edg...
CVE-2026-57436
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new root was a Nokogiri::XML::Node, allowing a DTD node to be set as the document root. The result is a heap use-after-free during garbage...
Astra Linux – Vulnerability in libde265
strukturag libde265 commit d9fea9d was discovered to contain a segmentation fault due to the component decodercontext::computeframedroptable...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fixed regmap maxregister The maxregister field is assigned the size of the register memory region, rather than the offset of the last register. As a result, reading from the regmap via debugfs can cause a...
Astra Linux – Vulnerability in taglib
TagLib before version 2.0 allows a segmentation violation and causes the application to crash during tag writing when a crafted WAV file is used, in which the id3 chunk is the only valid chunk...
Astra Linux – Vulnerability in PostgresSQL-15
Integer wraparound in several PostgreSQL libpq client library functions allows an application’s input provider or network peer to cause libpq to undersize allocations and write out-of-bounds data, involving hundreds of megabytes. This leads to a segmentation fault in the application that uses...