4732 matches found

OSV
added 2026/02/06 5:16 p.m. | 2 views

UBUNTU-CVE-2026-25556

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00028
Exploits 1 | References 6
Cvelist
added 2026/02/06 4:11 p.m. | 25 views

CVE-2026-25556 MuPDF 1.23.0 through 1.27.0 Barcode Decoding Double Free

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

CVSS 5.9 | EPSS 0.00028
Exploits 1 | References 4
CVE
added 2026/02/06 4:11 p.m. | 15 views

CVE-2026-25556

CVE-2026-25556 affects MuPDF versions 1.23.0–1.27.0 and describes a double-free in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function drops a caller-owned fz_pixmap in its error path before rethrowing, and the bar‑code decoding path can drop th...

CVSS 7.5 | AI score 5.4 | EPSS 0.00028
Exploits 1 | References 4 | Affected Software 1
EUVD
added 2026/02/06 4:11 p.m. | 2 views

EUVD-2026-5668

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

CVSS 5.9 | AI score 5.4 | EPSS 0.00028
Exploits 1 | References 4
ATTACKERKB
added 2026/02/06 4:11 p.m. | 2 views

CVE-2026-25556

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

CVSS 5.9 | AI score 5.5 | EPSS 0.00028
Exploits 1 | References 5 | Affected Software 1
Vulnrichment
added 2026/02/06 4:11 p.m. | 2 views

CVE-2026-25556 MuPDF 1.23.0 through 1.27.0 Barcode Decoding Double Free

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

CVSS 5.9 | AI score 5.9 | EPSS 0.00028
Exploits 1 | References 4
AlpineLinux
added 2026/02/06 4:11 p.m. | 2 views

CVE-2026-25556

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering. The function accepts a caller-owned fz_pixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

CVSS 7.5 | AI score 5.6 | EPSS 0.00028
Exploits 1 | References 4
OSV
added 2026/02/06 3:54 p.m. | 3 views

OESA-2026-1288 python-urllib3 security update

HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loadin...

CVSS 8.9 | AI score 5.5 | EPSS 0.00014
Exploits 0 | References 2
NVD
added 2026/02/06 12:16 p.m. | 5 views

CVE-2026-2016

A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has bee...

CVSS 7.8 | EPSS 0.00018
Exploits 1 | References 8
CNNVD
added 2026/02/06 12:0 a.m. | 3 views

OpenSTAManager Operating System Command Injection Vulnerability

OpenSTAManager is an open-source management software for technical assistance and billing developed by Devcode. Versions of OpenSTAManager 2.9.8 and earlier contained a vulnerability related to operating system command injection. This vulnerability stemmed from the P7M file decoding function’s...

CVSS 9.4 | AI score 6.1 | EPSS 0.00152
Exploits 3 | References 1
Tenable Nessus
added 2026/02/06 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-25556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fz_fill_pixmap_from_display_list() when an exception occurs during display list rendering...

CVSS 7.5 | AI score 6 | EPSS 0.00028
Exploits 1 | References 3
Positive Technologies
added 2026/02/06 12:0 a.m. | 3 views

PT-2026-6844

Summary: A critical OS Command Injection vulnerability exists in the P7M signed XML file decoding functionality. An authenticated attacker can upload a ZIP file containing a .p7m file with a malicious filename to execute arbitrary system commands on the server. Vulnerable Code File:...

CVSS 9.4 | AI score 6.4 | EPSS 0.00152
Exploits 3 | References 4
NVD
added 2026/02/05 5:16 p.m. | 6 views

CVE-2020-37124

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during...

CVSS 9.8 | EPSS 0.001
Exploits 0 | References 3
EUVD
added 2026/02/05 4:13 p.m. | 2 views

EUVD-2020-31044

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during...

CVSS 9.8 | AI score 6.3 | EPSS 0.001
Exploits 0 | References 3
Vulnrichment
added 2026/02/05 4:13 p.m. | 1 views

CVE-2020-37124 B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter)

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during...

CVSS 9.8 | AI score 6.3 | EPSS 0.001
Exploits 0 | References 3
Cvelist
added 2026/02/05 4:13 p.m. | 26 views

CVE-2020-37124 B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter)

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during...

CVSS 9.8 | EPSS 0.001
Exploits 0 | References 3
CVE
added 2026/02/05 4:13 p.m. | 7 views

CVE-2020-37124

CVE-2020-37124 affects B64dec 1.1.2. The vulnerability is a buffer overflow that allows arbitrary code execution by overwriting the Structured Exception Handler (SEH) with crafted input during the base64 decoding process. An egg-hunter technique and a carefully constructed payload are described a...

CVSS 9.8 | AI score 6.3 | EPSS 0.001
Exploits 0 | References 3
ATTACKERKB
added 2026/02/05 4:13 p.m. | 1 views

CVE-2020-37124

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during...

CVSS 9.8 | AI score 6.3 | EPSS 0.001
Exploits 0 | References 3 | Affected Software 1
RedHat Linux
added 2026/02/05 11:53 a.m. | 2 views

freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can trigger a client-side heap buffer overflow in the ClearCodec bands decode path. This vulnerability, caused by crafted band coordinates, allows writes past the end of the destination surface...

CVSS 9.8 | AI score 6.2 | EPSS 0.00197
Exploits 1 | References 8
Positive Technologies
added 2026/02/05 12:0 a.m. | 4 views

PT-2026-6568

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during...

CVSS 9.8 | AI score 6.5 | EPSS 0.001
Exploits 0 | References 4