2839 matches found
Integer Overflow or Wraparound
Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Integer Overflow or Wraparound
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Integer Overflow or Wraparound
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Integer Overflow or Wraparound
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Integer Overflow or Wraparound
Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Integer Overflow or Wraparound
Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Integer Overflow or Wraparound
Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Integer Overflow or Wraparound
Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
PT-2026-25045
Name of the Vulnerable Software and Affected Versions LibreDWG versions 0.13.3.7571 through 0.13.3.7835 Description A heap buffer overflow exists in LibreDWG. A specially crafted DWG file can lead to a Denial of Service DoS condition. The issue is located in the decompress R2004 section function...
CVE-2025-61154
CVE-2025-61154 : A heap buffer overflow in LibreDWG affects versions 0.13.3.7571 through 0.13.3.7835. The overflow occurs in the decompression path while processing DWG files in the function decompress_R2004_section (decode.c), leading to Denial of Service (DoS). The available documents consisten...
Security update for python-PyPDF2 (moderate)
openSUSE security update: security update for python-pypdf2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20348-1 Rating: moderate References: bsc1259404 Cross-References: CVE-2026-28804 CVSS scores: CVE-2026-28804 SUSE : 6.5...
OPENSUSE-SU-2026:20340-1 Security update for cJSON
This update for cJSON fixes the following issues: - Update to version 1.7.19 Check for NULL in cJSONDetachItemViaPointer. Check overlap before calling strcpy in cJSONSetValuestring. Fix Max recursion depth for cJSONDuplicate to prevent stack exhaustion. Allocate memory for the temporary buffer wh...
EUVD-2026-10844
In mfcdecdqbuf of mfcdecv4l2.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Deserialization of Untrusted Data
Overview limesurvey/limesurvey is a FOSS online survey tool on the web. Affected versions of this package are vulnerable to Deserialization of Untrusted Data through the decodeTokenAttributes helper. An attacker can achieve remote code execution by supplying a malicious serialized token attribute...
Envoy: HTTP - filter chain execution on reset streams causing UAF crash
Note: This vulnerability was originally reported to the Google OSS VRP Issue ID: 477542544. The Google Security Team requested that I coordinate directly with the Envoy maintainers for triage and remediation. I am submitting this report here to facilitate that process. Technical Details I have...
SUSE CVE-2026-28804
pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5...
📄 GLib Memory Exhaustion
The gbase64decode function in the GLib library fails to enforce input size limits, allowing attackers to input extremely large Base64-encrypted data, resulting in uncontrolled memory allocation. This vulnerability can be exploited by providing a specially crafted, but syntactically correct, Base6...
CLSA-2026-1773048865 kernel: Fix of 53 CVEs
xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mtinputconfigured CVE-2024-58020 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - fs: writeback: fix use-after-free in markinodedirty...