CVE-2026-22853 FreeRDP has a heap-buffer-overflow in ndr_read_uint8Array

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array. This vulnerabilit...

PT-2026-26145

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTE ARRAY STOP method, an out-by-one error in the cram byte arra...

PT-2026-26147

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTE ARRAY LEN method, the cram byte array len decode failed to...

OSV-2025-852 Heap-buffer-overflow in std::__1::pair<int, arrow::util::RleBitPackedParser::ControlFlow> arrow::util::R

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=454097865 Crash type: Heap-buffer-overflow READ 1 Crash state: std::1::pair arrow::util::R arrow::util::RleBitPackedDecoder::GetBatch auto parquet::DictByteArrayDecoderImpl::DecodeArrowDense...

EUVD-2025-35629

OpenBao is an open source identity-based secrets management system. Prior to version 2.4.2, OpenBao's audit log did not appropriately redact fields when relevant subsystems sent byte response parameters rather than strings. This includes, but is not limited to sys/raw with use of encoding=base64,...

EUVD-2019-5272

Malware in sbrugna...

ROS-20251006-16

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

ROS-20251006-14

A vulnerability in a library that provides basic functionality for data serialization and deserialization Jackson Core, is related to the fact that when parsing JSON from an array of bytes with offset and length, an exception message is erroneously read from the beginning of the array. exception...

CVE-2025-9340

CVE-2025-9340 is an Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java—BC-FJA 2.1.0 (API modules), affecting the file org/bouncycastle/jcajce/provider/BaseCipher. IBM security bulletins confirm this issue alongside CVE-2025-9341 and tie the impact to BC-F...

CVE-2019-14014

Possible buffer overflow when byte array receives incorrect input from reading source as array is not null terminated in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Nicobar, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR2130...

[SECURITY] Fedora 41 Update: rust-zerovec-0.10.4-4.fc41

Zero-copy vector backed by a byte array...

DEBIAN-CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

PT-2024-28235 · Unknown +1 · Spring Mvc +1

Name of the Vulnerable Software and Affected Versions: Spring MVC affected versions not specified Description: The issue concerns Spring MVC controller methods that utilize an @RequestBody byte method parameter, making them susceptible to Denial of Service DoS attacks. Recommendations: At the...

CVE-2024-24564

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

PYSEC-2024-205

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

CVE-2024-24564 Vyper extract32 can ready dirty memory

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in extract32b, start, if the start index provided has for side effect to update b, the byte array to extract 32 bytes from, it could be that some dirty memory is read and returned by extract32. This...

nodejs: path traversal through path stored in Uint8Array

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

RHEL 9 : php (RHSA-2023:5926)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5926 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: XML loading external entity witho...

Integer overflow

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...

GHSA-87MF-9WG6-PPF8 Ouroboros is Unsound

In 0.15.0 and prior, Ouroboros works internally by creating a struct where all uses of 'this are replaced by 'static. However, a recent addition to Miri checks that references passed to functions are valid during the entire execution of the function, even when those references are passed inside a...