PT-2026-41034

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel decode raw and sixel decode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter...

CVE-2026-43861

mutt before 2.3.2 does not check for '\0' in urlpctdecode...

Astra Linux - уязвимость в djvulibre

A out-of-bounds write vulnerability was discovered in DjVuLibre, specifically in the function DjVU::DjVuTXT::decode in DjVuText.cpp. A crafted DjVU file can trigger this issue, leading to a crash or segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-007104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007104 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstDat...

CVE-2026-31969 HTSlib CRAM decoder has a heap buffer overflow

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTEARRAYSTOP method, an out-by-one error in the...

CVE-2026-31962

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. While most alignment records store DNA sequence and quality values, the format also allows them to omit this data in certain cases to save space. Due to...

Linux Distros Unpatched Vulnerability : CVE-2026-31967

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the...

CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

K000156710: Multiple ImageMagick vulnerabilities

Security Advisory Description CVE-2016-8677 The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure. CVE-2016-8862 The AcquireMagickMemory functi...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2019-11135: TSX Asynchronous Abort condition bsc1139073. CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL...

SUSE SLES15 / openSUSE 15 Security Update : iperf (SUSE-SU-2025:02749-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02749-1 advisory. - update to 3.19.1: CVE-2025-54351: Fixed buffer overflow in net.c bsc1247522 CVE-2025-54350: Fixed Base64Decode assertion failu...

Medium: python3.11

Issue Overview: There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the...

SUSE CVE-2014-0158

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile interaction, a...

SUSE CVE-2018-14033

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olayoutdecode in H5Olayout.c, related to HDmemcpy...

DjVuLibre 缓冲区错误漏洞

DjVuLibre is an open source implementation of DjVu computer file format that includes a DjVu file viewer, browser plug-in, DjVu file decoder/encoder and other utilities. A security vulnerability exists in DjVuLibre versions prior to 3.5.28, which stems from an out-of-bounds write vulnerability...

DEBIAN-CVE-2020-10811

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5Olayoutdecode located in H5Olayout.c. It allows an attacker to cause Denial of Service...

DEBIAN-CVE-2019-11455

A buffer over-read in UtilurlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service application outage...

DEBIAN-CVE-2018-13869

An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c...

UBUNTU-CVE-2016-2479

The mm-video-v4l2 vdec component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles a buffer count, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSyste...