111 matches found
CVE-2026-11079
CVE-2026-11079 concerns Google Chrome’s Codecs. The issue is caused by insufficient validation of untrusted input in codecs, enabling a remote attacker to trigger an out-of-bounds memory write via a crafted video file. Affected product: Google Chrome (before 149.0.7827.53). The impact, as describ...
CVE-2026-40719
A flaw was found in MaraDNS. A remote attacker can exploit this vulnerability by providing a specially crafted DNS zone file where the authoritative nameserver address cannot be resolved. This can lead to the exhaustion of connection slots, resulting in a Denial of Service DoS for legitimate user...
EUVD-2026-14883
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...
CVE-2026-30007
XnSoft NConvert 7.230 is vulnerable to Use-After-Free via a crafted .tiff file...
JLSEC-2025-274 Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via ...
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010...
EUVD-2016-1383
Malware in sbrugna...
EUVD-2017-18798
Malware in sbrugna...
EUVD-2025-25739
Malicious code in bioql PyPI...
EUVD-2025-23196
Malicious code in bioql PyPI...
Heap-based Buffer Overflow
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
CVE-2025-55199 Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
CVE-2019-19468
Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corrupt entry...
CVE-2024-50986
An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted DLL file...
CVE-2024-42563
An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file...
CVE-2024-41200
A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service DoS via a crafted AVI file...
CVE-2024-41440
A heap buffer overflow in the function pngquantize of hicolor v0.5.0 allows attackers to cause a Denial of Service DoS via a crafted PNG file...
CVE-2024-41440
A heap buffer overflow in the function pngquantize of hicolor v0.5.0 allows attackers to cause a Denial of Service DoS via a crafted PNG file...
CVE-2024-41443
Affected software: hicolor v0.5.0. Vulnerable component: cp_dynamic() in /vendor/cute_png.h. Root cause: stack overflow leading to Denial of Service via a crafted PNG file. No exploitation details are provided in the documents. Patch/mitigation status: not specified in the initial sources; one re...
CVE-2024-41438
A heap buffer overflow in the function cpstored /vendor/cutepng.h of hicolor v0.5.0 allows attackers to cause a Denial of Service DoS via a crafted PNG file...
CVE-2024-40724
CVE-2024-40724 affects the Assimp library prior to 5.4.2, with a heap-based buffer overflow that lets a local attacker execute code via a crafted input file. Connected advisories note fixed versions (e.g., 5.4.2 and newer) and mention related mitigations in distributions (Mageia, openSUSE/SUSE, o...