CVE-2026-3085

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

UBUNTU-CVE-2026-3085

GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

Philips Hue Bridge 安全漏洞

The Philips Hue Bridge is a smart lighting gateway device developed by the Japanese company Philips Hue. There is a security vulnerability present in the Philips Hue Bridge, which stems from the lack of validation for the length of user data in the hkhappairstorageput function. This vulnerability...

SUSE CVE-2026-2047

GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page ...

CVE-2026-0797

GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

UBUNTU-CVE-2025-15275

FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2025-12840

CVE-2025-12840 affects Academy Software Foundation OpenEXR. The issue is a heap-based buffer overflow in EXR file parsing caused by a lack of proper validation of the length of user-supplied data before copying to a heap buffer, enabling remote code execution when a user opens a malicious EXR fil...

Academy Software Foundation OpenEXR 安全漏洞

Academy Software Foundation OpenEXR is a suite of software libraries for reading and writing EXR files organized by the Academy Software Foundation in the United States. A security vulnerability exists in Academy Software Foundation OpenEXR that stems from a lack of validation of the length of...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from unvalidated dataoffset, datalength, and maintainingdatalength, which could lead to insufficient data validation...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an unvalidated dataoffset and datalength fields of the smbdirectdatatransfer structure, which could lead to...

PT-2024-17110 · Luxion · Luxion Keyshot

Name of the Vulnerable Software and Affected Versions: Luxion KeyShot affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this issue, where the target must...

PT-2024-39798 · Tungsten Automation · Tungsten Automation Power Pdf

Name of the Vulnerable Software and Affected Versions: Tungsten Automation Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or...

CVE-2023-39494

PDF-XChange Editor OXPS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2023-37319

D-Link DAP-2622 DDP Set IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability...

PT-2023-26979 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

PT-2023-26302 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required, where the target must visit a malicious page...

PT-2023-4065 · Ashlar Vellum · Ashlar-Vellum Cobalt

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. The flaw exists within the parsing of AR files due to the lack of proper validation of t...

CVE-2022-2991

A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and...

Advantech WebAccess HEAP Buffer Overflow Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. Advantech WebAccess suffers from a HEAP buffer overflow...

Delta Industrial Automation WPLSoft dvp file heap buffer overflow vulnerability (CNVD-2017-228165)

Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A heap buffer overflow vulnerability exists in the Delta Industrial Automation WPLSoft dvp file due to a failure to valida...