1418 matches found
CVE-2026-34544
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...
EUVD-2026-17407
An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535...
CVE-2026-27853 Out-of-bounds write when rewriting large DNS packets
An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535...
Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CoreMedia framewor...
Out-of-bounds Write
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Out-of-bounds Write
Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
CVE-2026-21362
Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2026-23316
A flaw was found in the Linux kernel's handling of multipath hash seeds on ARM64 architectures. This vulnerability can lead to a system crash kernel panic when the kernel is compiled with specific optimizations, such as Clang with Link-Time Optimization LTO, due to an alignment fault during memor...
CVE-2026-4775
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...
CVE-2026-4756 Out-of-bounds Write in MolotovCherry Android-ImageMagick7
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11...
CVE-2026-4756 Out-of-bounds Write in MolotovCherry Android-ImageMagick7
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11...
CVE-2026-33850 Out-of-bounds Write in WujekFoliarz DualSenseY-v2
Out-of-bounds Write vulnerability in WujekFoliarz DualSenseY-v2.This issue affects DualSenseY-v2: before 54...
PT-2026-27349
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the setSliceHeaderIndex process. An attacker can cause a write operation to occur past the end of a heap allocation by submitting a specially crafted HEVC bitstream that manipulates the log2unitSize value aft...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the remotewrite HTTP handler not enabled by default. An attacker can cause excessive memory allocation by sending specially crafted HTTP requests, potentially leading to service disruption...
Out-of-bounds Write
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Canva Affinity EMF File EMR_CREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability
Talos Vulnerability Report TALOS-2025-2310 Canva Affinity EMF File EMRCREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability March 17, 2026 CVE Number CVE-2025-64301 SUMMARY An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By usin...
(Pwn2Own) Linux Kernel nf_tables_newset Out-Of-Bounds Write Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...
CVE-2026-2923
GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary dependi...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...