3140 matches found
EUVD-2026-23644
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
CVE-2026-40492
SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the XWD codec resolves pixel format based on pixmapdepth but the byte-swap code uses bitsperpixel independently. When...
PT-2026-33586
Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979 Description The PSD codec in this cross-platform image library for loading and saving images contains a heap buffer overflow when processing images in LAB mode. The issue...
PT-2026-33587
Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302 Description SAIL is a cross-platform library used for loading and saving images, supporting animation, metadata, and ICC profiles. The TGA codec's RLE decoder in tga.c...
Linux Distros Unpatched Vulnerability : CVE-2026-40493
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...
Linux Distros Unpatched Vulnerability : CVE-2026-40494
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit...
PT-2026-33585
Name of the Vulnerable Software and Affected Versions SAIL versions prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02 Description The XWD codec resolves pixel format based on the pixmap depth variable, but the byte-swap code independently uses bits per pixel. When pixmap depth is 8 BPP8...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007199)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007199 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode...
DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Bamboo Data Center
This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of...
Important: libde265
Issue Overview: libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17. CVE-2026-33164 libde265 is an open source...
HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center
This High severity HTTP Request Smuggling vulnerability was introduced in version 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, 10.2.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006572)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006572 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in sndac97mixer smatch error:...
libvpx security update
1.3.0-8.0.3 - Fixes heap buffer overflow in libvpx CVE-2026-2447 Orabug: 39112729 1.3.0-8.0.1 - Fixes CVE-2025-5283 vpxcodecencinitmulti fix double free on init fail Orabug: 38103810...
CVE-2026-5476
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
EUVD-2026-18814
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
CVE-2026-5476
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
CVE-2026-5476 NASA cFS cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
CVE-2026-5476 NASA cFS cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
CVE-2026-5476
A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...
CVE-2026-5476
CVE-2026-5476 affects NASA cFS up to 7.0.0 on 32-bit. The vulnerability is in CFE_TBL_ValidateCodecLoadSize (cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c) and is caused by an integer overflow. The documented attack complexity is high and exploitability is described as difficult. A fix is plan...