5807 matches found
CVE-2026-32647
NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...
CVE-2026-32647 NGINX ngx_http_mp4_module vulnerability
NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...
CVE-2026-32647
Summary: NGINX Open Source and NGNIX Plus may be affected when built with the ngx_http_mp4_module and using the mp4 directive. The issue is a vulnerability in the module that can trigger a buffer over-read or over-write in the worker memory, potentially terminating the worker or enabling code exe...
CVE-2026-32647
NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...
CVE-2026-32647 NGINX ngx_http_mp4_module vulnerability
NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...
CVE-2026-32647
NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...
K000160366: NGINX ngx_http_mp4_module vulnerability CVE-2026-32647
Security Advisory Description NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially craft...
PT-2026-27436
Name of the Vulnerable Software and Affected Versions NGINX Open Source and NGINX Plus versions affected versions not specified Description NGINX Open Source and NGINX Plus, when built with the ngx http mp4 module module and configured with the mp4 directive, are susceptible to a buffer over-read...
ROS-20260324-73-0035
A vulnerability in the net/netfilter/xtnfacct.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to gain access to sensitive data and cause a denial of service...
Advisory ROSA-SA-2026-3216
software: libpng 1.6.53 WASP: ROSA-CHROME unaffected versions = libpng-1.6.53-1 affected versions libpng-1.6.53-1 CVE-ID: CVE-2025-64505 BDU-ID: 2026-02923 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the pngdoquantize function of the pngrtran.c component of the PNG Libpng bitmap graphics libra...
CLSA-2026-1774027236 Fix CVE(s): CVE-2026-27798
SECURITY UPDATE: heap buffer over-read with wavelet-denoise operator - debian/patches/CVE-2026-27798.patch: use 4columns instead of 3columns for resource and memory allocation in WaveletDenoiseImage to prevent over-read when processing small-dimension images - CVE-2026-27798...
PT-2026-36798
Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description A buffer over-read issue exists in the mod proxy ajp module, specifically within the ajp parse data function. This flaw can lead to a heap over-read and memory disclosure, potentially...
EUVD-2026-13105
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...
CVE-2026-2369
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...
UBUNTU-CVE-2026-2369
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...
CVE-2026-2369 Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...
CVE-2026-2369
A vulnerability CVE-2026-2369 exists in libsoup where an integer underflow occurs when processing content with a zero-length resource, causing a buffer overread. Connected sources indicate this affects libsoup versions older than 3.4.4-14, with a patched release available (3.4.4-14). Potential im...
CVE-2026-2369
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...
CVE-2026-2369 Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...
CVE-2026-2369
A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service...