4231 matches found
ROS-20260401-73-0014
A vulnerability in the pngimagefinishread function of the pngimagefinishread library for handling bitmap graphics in the PNG libpng format is related to writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by loading a...
ROS-20260401-73-0012
A vulnerability in the pngimagefinishread function of the pngimagefinishread library for handling bitmap graphics in the PNG libpng format is related to writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code by loading a...
CVE-2026-5164
A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...
CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request
A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...
CVE-2026-5164
A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...
CVE-2026-5164 Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request
A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...
CVE-2026-5164
The CVE-2026-5164 entry describes a vulnerability in virtio-win where the RhelDoUnMap() function fails to properly validate the number of descriptors in an unmap request. This input validation flaw can be exploited by a local user who supplies an excessive number of descriptors, potentially causi...
CVE-2026-5164
A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. Th...
PT-2026-29035
Name of the Vulnerable Software and Affected Versions virtio-win affected versions not specified Description A flaw exists in virtio-win where the RhelDoUnMap function inadequately validates the number of descriptors supplied by a user during an unmap request. A local user could exploit this inpu...
Linux Distros Unpatched Vulnerability : CVE-2026-5164
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in virtio-win. The RhelDoUnMap function does not properly validate the number of descriptors provided by a user during an unmap request. A loca...
Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1481)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1481 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals a...
CVE-2026-33536
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, due to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds...
CVE-2026-30006
XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...
SUSE-SU-2026:1045-1 Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.293 fixes various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer bsc1257118. - CVE-2025-68285: libceph: fix potential use-after-free ...
CVE-2026-33307
Modgnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior to 0.12.3 and 0.13.0, code for client certificate verification imported the certificate chain sent by the client into a fixed size gnutlsx509crtt x509 array without checking the number of certificates is less than or...
EUVD-2026-14467
XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...
CVE-2026-30006
XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...
CVE-2026-30006
XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...
PT-2026-27148
XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...
CVE-2026-30006
XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file...