CVE-2026-44638

CVE-2026-44638 affects the libsixel SIXEL encoder/decoder. A wrong NULL check after allocation in sixel_decode_raw and sixel_decode causes a NULL pointer dereference when allocation fails, enabling a denial-of-service for callers under low-memory conditions. The issue stems from testing the addre...

XML Entity Expansion

Overview Affected versions of this package are vulnerable to XML Entity Expansion via the messagemaxbytesize setting configured in the decoderawsaml function. An attacker can cause resource exhaustion by submitting a specially crafted large SAML response that is validated for Base64 format before...

SUSE CVE-2021-29614

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...

SUSE CVE-2021-36980

Open vSwitch aka openvswitch 2.11.0 through 2.15.0 has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode during the decoding of a RAWENCAP action...

openvswitch: use-after-free in decode_NXAST_RAW_ENCAP during the decoding of a RAW_ENCAP action

Open vSwitch aka openvswitch has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode during the decoding of a RAWENCAP action...

openvswitch: use-after-free in decode_NXAST_RAW_ENCAP during the decoding of a RAW_ENCAP action

Open vSwitch aka openvswitch has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode during the decoding of a RAWENCAP action...

GHSA-8PMX-P244-G88H Interpreter crash from `tf.io.decode_raw`

Impact The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. python import tensorflow as tf tf.io.decoderawtf.constant"1","2","3","4", tf.uint16, fixedlength=4 The implementation of the padded version is...

PYSEC-2021-251

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...

PYSEC-2021-740

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...

PYSEC-2021-740

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...

Google TensorFlow 缓冲区错误漏洞

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow versions 2.4.2,2.3.3,2.2.3, and 2.1.4, which stems from an implementation of tf.io.decoderaw that produces incorrect...

PT-2021-18365 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 TensorFlow version 2.2.3 TensorFlow version 2.1.4 Description: The implementation of tf.io.decode raw produces incorrect results and crashes the Python...

openvswitch: use-after-free in decode_NXAST_RAW_ENCAP during the decoding of a RAW_ENCAP action

Open vSwitch aka openvswitch has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode during the decoding of a RAWENCAP action...

UBUNTU-CVE-2019-19637

An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixeldecoderawimpl at fromsixel.c...

PT-2019-15894 · Libsixel +1 · Libsixel +1

Name of the Vulnerable Software and Affected Versions: libsixel version 1.8.2 Description: A heap-based buffer overflow issue was found in the sixel decode raw impl function at fromsixel.c. Recommendations: For libsixel version 1.8.2, consider disabling the sixel decode raw impl function as a...

Libsixel Illegal Address Access Vulnerability

libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. An illegal address access vulnerability exists in the 'sixeldecoderawimpl' function of the fromsixel.c file in libsixel version 1.8.2, which can be exploited by an attacker t...

Libsixel Memory Disclosure Vulnerability

libsixel is a SIXEL encoder/decoder implementation. The 'sixeldecoderdecode' function in the decoder.c file, the 'imagebufferresize' function in the fromsixel.c file, and the 'sixeldecoderaw' function in the fromsixel.c file in libsixel version 1.8.1. ' function, 'imagebufferresize' function of t...

UBUNTU-CVE-2018-14072

libsixel 1.8.1 has a memory leak in sixeldecoderdecode in decoder.c, imagebufferresize in fromsixel.c, and sixeldecoderaw in fromsixel.c...

Fedora Update for dcraw FEDORA-2013-22929

Check for the Version of dcraw OpenVAS Vulnerability Test Fedora Update for dcraw FEDORA-2013-22929 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...