CVE-2026-43861

mutt before 2.3.2 does not check for '\0' in urlpctdecode...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011013)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011013 advisory. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in a lot of...

CVE-2026-0049

In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2026-10214

A vulnerability was identified in MrNanko webp4j up to 1.3.x. The affected element is the function DecodeGifFromMemory of the file src/main/c/gifdecoder.c. Such manipulation of the argument canvasheight leads to integer overflow. Local access is required to approach this attack. The exploit is...

Mozilla Thunderbird < 52.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 52.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-13 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex...

RHEL 8 : Satellite 6.15.5.5 Async Update (Important) (RHSA-2025:17614)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17614 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity t...

Linux Distros Unpatched Vulnerability : CVE-2018-18828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists a heap-based buffer overflow in vc1decodeiblockadv in vc1block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted a...

Linux Distros Unpatched Vulnerability : CVE-2021-28676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an...

Linux Distros Unpatched Vulnerability : CVE-2025-38399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: Fix NULL pointer dereference in corescsi3decodespeciport The function corescsi3decodespeciport, in its error code path, unconditionally calls...

Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2025-1032)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1032 advisory. There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not using the unicodeescape encoding or an error handler your usage is not affected. To work-around...

CVE-2025-4516

There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in ...

UBUNTU-CVE-2024-34156

Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

OESA-2024-1804 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

PT-2023-23933 · Accusoft · Accusoft Imagegear

Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 20.1 Description: An out-of-bounds write issue exists in the dcm pixel data decode functionality. A specially crafted malformed file can lead to arbitrary code execution. A victim would need to open a malicious file...

PT-2022-20586 · Openzeppelin · Openzeppelin Contracts

Name of the Vulnerable Software and Affected Versions: OpenZeppelin Contracts versions 4.1.0 through 4.7.1 Description: The issue concerns the SignatureChecker reverting in certain cases, which is not expected. This occurs due to an incorrect assumption about Solidity 0.8's abi.decode, specifical...

DEBIAN-CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

UBUNTU-CVE-2018-13869

An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c...

DEBIAN-CVE-2016-9854

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

CVE-2016-9854

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...