CVE-2026-46599

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

UBUNTU-CVE-2026-46599

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

SUSE CVE-2019-12527

An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user...

CVE-2019-9845

madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension...

Adobe Reader 10.1.4 - JP2KLibCoolType Crash (PoC)

Adobe Reader 10.1.4 - JP2KLibCoolType Crash PoC Title : Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability Version : 10.1.4.38 Date : 2012-11-20 Vendor : http://www.adobe.com/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkav...

PassWD 1.2 - Weak Encryption

PassWD 1.2 - Weak Encryption // source: https://www.securityfocus.com/bid/1300/info PassWd 1.2 is a password management utility designed to store user login information to various URLs. The login information, which includes username, password and link location is stored in the pass.dat file which...