CVE-2024-51395

Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the APSmartAudio::loop, APSmartAudio, APSmartAudio.cpp components...

CVE-2024-48519

Buffer Overflow vulnerability in Ardupilot rover commit v.c56439b045162058df0ff136afea3081fcd06d38 allows a local attacker to cause a denial of service via the APInertialSensorADIS1647x.cpp, ArduRover, ADIS1647x Sensor component...

CVE-2026-43905 OpenImageIO: JPEG2000 (OpenJPH) signed integer overflow in buffer allocation

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

EUVD-2026-30410

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGBBufferSizeInternal in DPXColorConverter.cpp leads to a heap-based out-of-bounds write when...

CVE-2026-43907

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGBBufferSizeInternal in DPXColorConverter.cpp leads to a heap-based out-of-bounds write when...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the refint process. An attacker can execute arbitrary code as the operating system user running the database or execute arbitrary SQL as the database user performing a primary key update by providing...

CVE-2026-6637 PostgreSQL refint allows stack buffer overflow and SQL injection

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...

CVE-2026-6477

Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...

CVE-2026-8295

A flaw was found in simdjson, a JSON parsing library. An integer overflow vulnerability in the document-builder API, specifically within the stringbuilder::escapeandappend function, can occur when processing very large input strings on systems with limited sizet width, such as 32-bit builds. This...

SUSE CVE-2003-0099

Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function...

JLSEC-2026-496 Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via...

Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt...

knet-exploit-2013

KNet Web Server 1.04b Remote...

OSV-2026-736 Heap-buffer-overflow in coap_pdu_parse_header

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512517700 Crash type: Heap-buffer-overflow READ 1 Crash state: coappduparseheader coappduparse2 coappduparse...

OSV-2026-727 Global-buffer-overflow in md_start_new_block

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=512429152 Crash type: Global-buffer-overflow READ 4 Crash state: mdstartnewblock mdparse mdhtml...

ImageMagick < 6.9.13-46 / 7.x < 7.1.2-21 Stack Buffer Overflow

The remote host has a version of ImageMagick installed that is prior to 6.9.13-46 or 7.x prior to 7.1.2-21. It is, therefore, affected by a stack buffer overflow vulnerability: - A malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-bad-free (UTSA-2026-021390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021390 advisory. GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affect...

libsixel 安全漏洞

Libsixel is a software package developed by Hayaki Saito, which provides encoding/decoding implementations for DEC SIXEL graphics and other conversion programs. Versions of Libsixel 1.8.7-r1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a signed integer overfl...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and supports a wide range of image formats. Versions of OpenImageIO prior to 3.0.18.0 and 3.1.13.0 contained a buffer error vulnerability. This vulnerability stemmed from a signe...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and a large number of supported image formats. Versions of OpenImageIO prior to 3.0.18.0 and 3.1.13.0 contained a buffer error vulnerability. This vulnerability stemmed from the...

PT-2026-41121

Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.15 Description The lyb read string function in src/parser lyb.c contains an integer overflow. This occurs when parsing a maliciously crafted LYB binary blob, leading to a heap buffer overflow. An attacker capable ...