DEBIAN-CVE-2026-27821

GPAC is an open-source multimedia framework. In versions up to and including 26.02.0, a stack buffer overflow occurs during NHML file parsing in src/filters/dmxnhml.c. The value of the xmlHeaderEnd XML attribute is copied from att-value into szXmlHeaderEnd1000 using strcpy without any length...

EUVD-2023-33749

Malicious code in bioql PyPI...

EUVD-2022-29605

Malicious code in bioql PyPI...

EUVD-2025-5879

Malicious code in bioql PyPI...

EUVD-2021-8653

Malicious code in bioql PyPI...

CVE-2025-8177

A flaw was found in libtiff. The setrow function in file tools/thumbnail.c contains a buffer overflow vulnerability triggered by manipulation of image data, which can allow a local attacker to cause a denial of service. This overflow occurs when processing a crafted file. The vulnerability stems...

CVE-2025-8177

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

sparklemotion nokogiri hashmap.c hashmap_get_with_hash heap-based overflow

Withdrawn Advisory This advisory has been withdrawn because the affected code was never included in a release. This link has been maintained to preserve external references. Original Description A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833. It has...

CVE-2025-2849 UPX p_lx_elf.cpp un_DT_INIT heap-based overflow

A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::unDTINIT of the file src/plxelf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...

Azure Linux 3.0 Security Update: kernel (CVE-2024-26952)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26952 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when...

PT-2025-25977 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential buffer overflow issue has been identified in the Linux kernel, specifically in the ASoC: SOF: debug component. The issue arises from the use of snprintf, which returns the...

CVE-2022-43974

MatrixSSL 4.0.4 through 4.5.1 has an integer overflow in matrixSslDecodeTls13. A remote attacker might be able to send a crafted TLS Message to cause a buffer overflow and achieve remote code execution. This is fixed in 4.6.0...

PT-2022-26719 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: An issue was discovered in Bento4, leading to a Denial of Service DoS. The issue is caused by a heap-buffer-overflow in AP4 Dec3Atom::AP4 Dec3Atom at Ap4Dec3Atom.cpp, as demonstrated by mp42aac...

SUSE-SU-2019:2949-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12-SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Excepti...

CVE-2017-6300

An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."...

qemu-kvm security update

0.12.1.2-2.448.el66.4 - kvm-pcnet-fix-Negative-array-index-read.patch bz1225886 - kvm-pcnet-force-the-buffer-access-to-be-in-bounds-during.patch bz1225886 - Resolves: bz1225886 EMBARGOED CVE-2015-3209 qemu-kvm: qemu: pcnet: multi-tmd buffer overflow in the tx path rhel-6.6.z...

eggdrop/windrop remote crash vulnerability

Affected software ----------------- eggdrop 1.6.19 only, not 1.6.19+ctcpfix windrop 1.6.19 only, not 1.6.19+ctcpfix all eggdrop/windrop versions and packages which apply Nico Goldes patch for CVE-2007-2807/SA25276 See: 1 Vulnerability details --------------------- The SA25276 patch 1 uses strncpy...

[SECURITY] New version of ssh may fix buffer overflows

There has been a lot of confusion over ssh lately: some people think their systems have been hacked through ssh, although nobody has been able to produce an exploit. To avoid any possible problems we have patched ssh to fix any possible buffer overruns. We think this will stop any attack that mig...