FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a heap buffer overflow vulnerability in the resizevbarentry function. This occurs when an error in buffer resizing leads to attacker-controlled pixel data being written into an...

CVE-2026-35199 SymCrypt SymCryptXmssSign function - Heap overflow via 64->32-bit leaf-count truncation

SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...

GHSA-467J-76J7-5885 ImageMagick: Write heap-buffer-overflow in PCL encoder via undersized output buffer

A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation. WRITE of size 1 at 0x7e79f91f31a0 thread T0...

CVE-2026-28686

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation. This vulnerability is fixed in 7.1.2-16 and 6.9.13-...

CVE-2026-28686 ImageMagick has a write heap-buffer-overflow in PCL encoder via undersized output buffer

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation. This vulnerability is fixed in 7.1.2-16 and 6.9.13-...

CVE-2026-28686 ImageMagick has a write heap-buffer-overflow in PCL encoder via undersized output buffer

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation. This vulnerability is fixed in 7.1.2-16 and 6.9.13-...

CVE-2026-28686

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation. This vulnerability is fixed in 7.1.2-16 and 6.9.13-...

CVE-2026-28686

CVE-2026-28686 affects ImageMagick’s PCL encoder. A heap-buffer-overflow is caused by an undersized output buffer allocation in the PCL encode path, allowing memory corruption. The issue is limited to the PCL encoding routine and is exploitable locally (no user interaction) with a medium overall ...

CVE-2026-28686 ImageMagick has a write heap-buffer-overflow in PCL encoder via undersized output buffer

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, A heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation. This vulnerability is fixed in 7.1.2-16 and 6.9.13-...

PT-2026-24125

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 Description ImageMagick is software used for editing and manipulating digital images. A heap-buffer-overflow issue exists in the PCL encode functionality due to an...

CVE-2025-63701

A heap corruption vulnerability exists in the Advantech TP-3250 printer driver's DrvUIx64ADVANTECH.dll v0.3.9200.20789 when DocumentPropertiesW is called with a valid dmDriverExtra value but an undersized output buffer. The driver incorrectly assumes the output buffer size matches the input buffe...

CVE-2025-63701

A heap corruption vulnerability exists in the Advantech TP-3250 printer driver's DrvUIx64ADVANTECH.dll v0.3.9200.20789 when DocumentPropertiesW is called with a valid dmDriverExtra value but an undersized output buffer. The driver incorrectly assumes the output buffer size matches the input buffe...

CVE-2025-63701

A heap corruption vulnerability exists in the Advantech TP-3250 printer driver's DrvUIx64ADVANTECH.dll v0.3.9200.20789 when DocumentPropertiesW is called with a valid dmDriverExtra value but an undersized output buffer. The driver incorrectly assumes the output buffer size matches the input buffe...

PT-2025-47004

Name of the Vulnerable Software and Affected Versions Advantech TP-3250 printer driver versions v0.3.9200.20789 Description A heap corruption issue exists in the Advantech TP-3250 printer driver’s DrvUI x64 ADVANTECH.dll component. The issue occurs when the DocumentPropertiesW function is called...

CVE-2025-63701

The vulnerability CVE-2025-63701 affects Advantech TP-3250 printer driver DrvUI_x64_ADVANTECH.dll (v0.3.9200.20789). A heap corruption condition occurs when DocumentPropertiesW() is called with a valid dmDriverExtra but an undersized output buffer, caused by the driver erroneously assuming the ou...

CVE-2024-45287

A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data...

Microsoft Windows EMF Parsing Integer Truncation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

QEMU Stack Buffer Overflow Vulnerability

QEMU aka Quick Emulator is a suite of analog processor software developed by French programmer Fabrice Bellard. QEMU suffers from a stack buffer overflow vulnerability, which stems from a failure to perform sufficient bounds checking before copying user input into an undersized buffer. An attacke...

Hewlett-Packard Network Node Manager I pmd.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager i. Authentication is not required to exploit this vulnerability. The specific flaw exists within pmd.exe, which listens by default on TCP port 162. By sending a specially...