3810 matches found
PT-2026-52968
Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A Denial of Service DoS issue exists in the parse month function located in /time/strptime.rs. An attacker can cause the system to crash by providing a specially crafted input. This issue is...
CVE-2026-38639
CVE-2026-38639 affects relibc. The issue is in the parse_month function (path /time/strptime.rs) within commit ab6a2e and allows an attacker to trigger a Denial of Service by parsing a crafted input. The available sources confirm the vulnerability location and impact but do not provide exploitati...
CVE-2026-49851
A flaw was found in Mistune, a Python Markdown parser. A remote attacker can exploit this vulnerability by providing a specially crafted Markdown input containing many consecutive bracket characters. This can lead to excessive CPU usage, causing a denial-of-service DoS condition on the affected...
RLSA-2023:5048 Important: flac security update
FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files...
CVE-2026-12244
NSD (the DNS server) is affected when configured as a secondary for a zone. A primary can crash NSD by sending an AXFR containing a DNS message with a specially crafted SVCB RR whose rdata size is 65512, which causes an (uint16_t) length to overflow while allocating space for the RR wrap (total s...
EUVD-2026-39180
shell-quote prior to 1.8.5 finalizes parsed tokens in parse using Array.prototype.concat as a reduce accumulator, which reallocates and copies the entire growing array on every iteration. As a result parse runs in On^2 time relative to the number of input tokens. An attacker who can supply an...
EUVD-2025-210335
A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
PT-2026-52580
Name of the Vulnerable Software and Affected Versions relibc affected versions not specified Description A reachable unwrap in the assert fail function located in /assert/mod.rs allows attackers to cause a Denial of Service DoS by providing a crafted string. An unwrap is a operation that attempts...
CVE-2026-38637
An issue in the pthreadrwlockattrsetpshared function of relibc commit 61f42d allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2026-38637
CVE-2026-38637 affects the relibc project, specifically the pthread_rwlockattr_setpshared() function in commit 61f42d. The vulnerability allows attackers to trigger a Denial of Service via crafted input, with a network attack vector and no privileges required (attack complexity low; UI none; scop...
PT-2026-52579
Name of the Vulnerable Software and Affected Versions relibc version 61f42d Description A flaw in the pthread rwlockattr setpshared function allows attackers to trigger a Denial of Service DoS by providing crafted input. Recommendations As a temporary workaround, consider restricting the use of t...
DEBIAN-CVE-2025-60474
A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
CVE-2025-60474
A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
UBUNTU-CVE-2025-60474
A buffer overflow in the gfmediaimport function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
PT-2026-52133
Name of the Vulnerable Software and Affected Versions GPAC Project/MP4Box versions prior to 26.02.0 Description A buffer overflow occurs in the gf media import function located in /media tools/av parsers.c. This issue allows remote attackers to cause a Denial of Service DoS by providing a special...
CVE-2025-60474
GPAC MP4Box up to version 26.01.x has a buffer overflow in the gf_media_import() function (in /media_tools/av_parsers.c). The underlining issue allows DoS via crafted input, affecting MP4Box before 26.02.0. Public sources consistently cite GPAC MP4Box versions prior to 26.02.0 as vulnerable, with...
libexpat: denial of service via crafted XML input
A flaw was found in libexpat. When processing a specially crafted XML input containing a specific pattern of attributes, the parsing time increases quadratically due to checks for attribute name collisions. This consumes excessive CPU resources and eventually results in a denial of service...
Astra Linux – Vulnerability in openjpeg2
There is a flaw in openjpeg in versions prior to 2.4.0, located in src/lib/openjp2/pi.c. When an attacker can provide crafted input that is processed by the openjpeg encoder, it may lead to an out-of-bounds read. The most significant impact of this flaw is the application’s availability...
Astra Linux – Vulnerability in imagemagick
Due to a missing check for the 0 value of replaceextent, it is possible for the offset p to overflow in SubstituteString, potentially affecting application availability. This issue can be triggered by an input file crafted with ImageMagick. The flaw affects ImageMagick versions prior to 7.0.8-68...
Astra Linux – Vulnerability in CGal
There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger an...