EUVD-2025-210334

A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

CVE-2025-60473

A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

CVE-2025-60473

GPAC MP4Box before 26.02.0 is affected by a NULL pointer dereference in gf_filter_in_parent_chain (filter_core/filter_pid.c), enabling a Denial of Service when processing a crafted file. The issue is a code-level null dereference in the parent-chain filtering logic, with a CVSS v3.1 base score of...

CVE-2026-54651

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1...

Gogs has a Denial of Service in repository/wiki file listing web pages

Summary A malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the pages containing the listing of files will return HTTP error 500 and render the web interface unusable for the repository or wiki. Details The issue is...

libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

A flaw was found in the xmllint program distributed by the libxml2 package. A buffer over-read in the xmlHTMLPrintFileContext function in the xmllint.c file may be triggered when a crafted file is processed with the xmllint program using the --htmlout command line option, causing an application...

Autodesk Revit 2024 < 2024.3.5 / 2025 < 2025.4.5 / 2026 < 2026.4.1 / 2027 < 2027.1 DoS (adsk-sa-2026-0007)

The version of Autodesk Revit installed on the remote host is 2024 prior to 2024.3.5, 2025 prior to 2025.4.5, 2026 prior to 2026.4.1, or 2027 prior to 2027.1. It is, therefore, affected by a denial of service vulnerability: - A maliciously crafted RFA file, when converted to FormIt via 'Convert R...

Astra Linux – Vulnerability in Graphviz

A buffer overflow in the Graphviz Graph Visualization Tools, starting from the commit ID f8b9e035 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service application crash by loading a crafted file into the "lib/common/shapes.c" component...

Astra Linux – Vulnerability in libde265

libde265 v1.0.4 contains a heap buffer overflow vulnerability in the mmloadlepi64 function, which can be exploited through a specially crafted file...

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick, specifically in the MagickCore/visual-effects.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including division by zero in mathematics. The greatest threat of this vulnerability is to system...

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the putqpel00fallback16 function, which can be exploited through a specially crafted file...

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the putweightedbipred16fallback function, which can be exploited through a specially crafted file...

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a stack-based buffer overflow vulnerability that may lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction—that is, the victim must open a specially crafted file...

Astra Linux – Vulnerability in SOX

There is a heap-based buffer overflow vulnerability in the sphere.c startread function of the Sound Exchange libsox 14.4.2 version and the main commit 42b3557e. A specially crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK version 2020.1 and earlier is affected by a buffer overflow vulnerability that may lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction, as the victim must open a specially crafted file...

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick’s MagickCore/segment.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, specifically a division by zero in mathematics. This likely results in a disruption to the application’s functionality, but it may al...

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a segmentation fault in the applysaointernal function, which can be exploited through a properly crafted file...

Astra Linux – Vulnerability in openimageio

There is a vulnerability related to out-of-bounds reading in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the Installer component of Google Chrome prior to version 92.0.4515.107 allowed a remote attacker to perform local privilege escalation through a crafted file...

Astra Linux – Vulnerability in libde265

Libde265 v1.0.4 contains a heap buffer overflow in the mcluma function, which can be exploited through a specially crafted file...