PT-2026-34962

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ksmbd component during the SPNEGO decoding process. When the ksmbd decode negTokenInit function processes the mechToken OCTET STRING element, the ksmbd neg...

CVE-2026-34781

A flaw was found in Electron. An application that calls clipboard.readImage may be vulnerable to a denial of service DoS. If the system clipboard contains image data that fails to decode, the application can crash. This vulnerability does not lead to memory corruption or code execution. Mitigatio...

CVE-2026-30077

OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88...

EUVD-2026-17142

OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88...

PT-2026-29085

OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88...

CVE-2026-30077

OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88...

CVE-2026-30077

OpenAirInterface V2.2.0 AMF is affected by a crash when handling certain message decode failures. The issue is not triggered by all decode failures, but is reproducible for specific inputs (example hex stream: 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88). Connected sources confirm the p...

CVE-2026-30077

OpenAirInterface V2.2.0 AMF crashes when it fails to decode the message. Not all decode failures result in a crash. But the crash is consistent for particular inputs. An example input in hex stream is 80 00 00 0E 00 00 01 00 0F 80 02 02 40 00 58 00 01 88...

CVE-2026-31973 NULL pointer dereference in samtools cram-size

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

CVE-2025-59355

A vulnerability. When org.apache.linkis.metadata.util.HiveUtils.decode fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.errorstr + "decode failed", e. If the input parameter contains sensitive information such as Hive Metastore keys, plaintext...

PT-2025-38624

A vulnerability. When org.apache.linkis.metadata.util.HiveUtils.decode fails to perform Base64 decoding, it records the complete input parameter string in the log via logger.errorstr + "decode failed", e. If the input parameter contains sensitive information such as Hive Metastore keys, plaintext...

Security update for iperf

This update for iperf fixes the following issues: Update to 3.19.1: CVE-2025-54349: Fixed off-by-one error and resultant heap-based buffer overflow bsc1247519. CVE-2025-54350: Fixed Base64Decode assertion failure and application exit upon a malformed authentication attempt bsc1247520...

AZL-66057 CVE-2025-54350 affecting package iperf3 for versions less than 3.17.1-3

In iperf before 3.19.1, iperfauth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt...

UBUNTU-CVE-2022-49770

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'firstrealm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and could cause random...

DEBIAN-CVE-2024-53984

Nanopb is a small code-size Protocol Buffers implementation. When the compile time option PBENABLEMALLOC is enabled, the message contains at least one field with FTPOINTER field type, custom stream callback is used with unknown stream length. and the pbdecodeex function is used with flag...

SUSE CVE-2015-1227

The DragImage::create function in platform/DragImage.cpp in Blink, as used in Google Chrome before 41.0.2272.76, does not initialize memory for image drawing, which allows remote attackers to have an unspecified impact by triggering a failed image decoding, as demonstrated by an image for which t...