858 matches found
[SECURITY] Fedora 44 Update: cjson-1.7.19-1.fc44
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file...
CVE-2026-15173
A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the pcapng file parser, leading to a crash of the application. This denial of service DoS could prevent legitimate users from accessing the service, impacting its availability. Mitigation To mitigate this issue, use...
EUVD-2026-42446
BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure...
PT-2026-56594
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.6 Wireshark versions 4.4.0 through 4.4.16 Description A crash in the DBS Etherwatch file parser allows a denial of service. This issue is network-accessible and requires no authentication. Recommendations...
PT-2026-56599
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.6 Description A crash in the pcapng file parser allows a denial of service. This occurs when the software processes a specially crafted pcapng file, leading to an application failure. Recommendations Update...
CVE-2026-58379
A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...
Cisco Secure Endpoint Multiple ClamAV DoS (cisco-sa-clamav-88cFYyxR)
According to its self-reported version, Cisco Secure Endpoint is affected by multiple vulnerabilities. - A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory...
Linux Distros Unpatched Vulnerability : CVE-2026-20213
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded...
GHSA-F29H-2H58-48R7 Open Babel has out-of-bounds write in PQS coord_file parser
Summary A memory-safety vulnerability in Open Babel's PQS parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the coordfile parsing path of the PQS reader. A malformed coord file specifier caused the parser to write past the end of its destination...
EUVD-2026-41082
A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device. This vulnerability is due to improper boundary checks for content in...
GitLab CE/EE - Remote Code Execution
GitLab CE/EE starting from 11.9 does not properly validate image files that were passed to a file parser, resulting in a remote command execution vulnerability. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for...
OESA-2026-2613 catdoc security update
catdoc is program which reads one or more Microsoft word files and outputs text, contained insinde them to standard output. Therefore it does same work for.doc files, as unix cat command for plain ASCII files. It is now accompanied by xls2csv - program which converts Excel spreadsheet into...
CVE-2026-42476
Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...
CVE-2026-25125
October is a Content Management System CMS and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in the INI settings parser. Because PHP's parseinistring function supports $ syntax for environment variable interpolation, attackers with...
SUSE CVE-2026-10232
A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...
Linux Distros Unpatched Vulnerability : CVE-2026-10232
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE...
CVE-2026-10232
A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...
DEBIAN-CVE-2026-10232
A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...
CVE-2026-10232 Assimp ASE File scene.cpp ~aiNode use after free
A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...
CVE-2026-10232
A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...