CVE-2023-4679

A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gffilterpacketdel function in filtercore/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash...

CVE-2023-4778

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2023-4681

NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2023-4755

Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2023-4720

Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV...

CVE-2026-21690

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTagXmlTagData::ToXml. This vulnerability affects users o...

CVE-2026-21681

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Undefined Behavior runtime error. This vulnerability affects users of the iccDEV library who...

Siemens Ruggedcom ROX Improper Input Validation (CVE-2022-24958)

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

a2grunnerp (>=0.1.0 <=0.1.8), a4t-sale-discount (=5.0.2) +2901 more potentially affected by CVE-2026-21860 via werkzeug (>=0.10.1 <=3.1.4)

werkzeug PYPI version =0.10.1, =0.1.0, =1.0.2, =1.0.5, =0.10.3, =1.8.8, =0.3.1, =0.8.44.4, =4.2.0, =1.0.0, =0.4.0, =0.1.3, =0.9.2, =0.9.4 and more Source cves: CVE-2026-21860 Source advisory: OSV:GHSA-87HC-H4R5-73F7...

Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2025-1356)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1356 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building...

EUVD-2026-1394

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagSpectralViewingConditions. This vulnerability affects users of th...

CVE-2026-21682

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow in CIccXmlArrayType::ParseText. This vulnerability affects users of the...

CVE-2026-21504 Heap Buffer Overflow in iccDEV ToneMap Parser

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap buffer overflow in the ToneMap parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21674

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below contain a memory leak vulnerability in its XML MPE Parsing Path iccFromXml. This issue is fixed in version 2.3.1.1...

CVE-2026-21491

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

CVE-2026-21491 iccDEV has unicode buffer overflow in CIccTagTextDescription

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. A vulnerability present in versions prior to 2.3.1.2 affects users of the iccDEV library who process ICC color profiles. It...

@klardaten/n8n-nodes-datevconnect (>=1.0.1 <=1.0.2), @n8n/task-runner (>=1.37.0 <=1.57.1) +15 more potentially affected by CVE-2026-21877 via n8n-core (>=1.0.0 <=1.120.1)

n8n-core NPM version =1.0.0, =1.0.1, =1.37.0, =1.0.0, =0.1.0, =1.0.1, =0.3.3, =0.3.1, =1.1.0, =0.1.4, =0.4.10, =0.2.0, =0.2.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-21877 Source advisory: SNYK:JS-N8NCORE-14894271...

@n8n/task-runner (=1.58.0), n8n-node-dev (=1.120.0) potentially affected by CVE-2026-21877 via n8n-core (=1.121.0)

n8n-core NPM version =1.121.0 is affected by a known vulnerability. The following packages have a transitive dependency on n8n-core and may be impacted: - @n8n/task-runner =1.58.0 - n8n-node-dev =1.120.0 Source cves: CVE-2026-21877 Source advisory: SNYK:JS-N8NCORE-14894271...

PT-2026-8106

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the io uring/io-wq subsystem. Specifically, processing a large number of 2GB - 4096B reads from a /dev/msr file using loop rw iter can take an...

PT-2026-27660

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix dead lock for suspend and resume When an application issues a query IOCTL while auto suspend is running, a deadlock can occur. The query path holds dev lock and then calls pm runtime resume and get, which waits...