CVE-2025-53011 MaterialX is Vulnerable to NULL Pointer Dereference due to Unchecked implGraphOutput

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

RHSA-2020:1022 Red Hat Security Advisory: file security update

Bulletin has no description...

CVE-2023-46046

An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference via tiexpr in a crafted .mzn file. NOTE: this is disputed because there is no common libminizinc use case in which an unattended process is supposed to run forever to process a series of atttacker-controlled .mzn files...

Denial Of Service (DoS)

libde265.so is vulnerable to denial of service DoS attacks. A heap-based-buffer-overflow vulnerability exists due to the mcluma function in motion.cc, which allows a remote attacker to cause denial of service via crafted video file...

CVE-2022-3725

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file...

CVE-2022-29243

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into memory on usage,...

CVE-2020-21605

libde265 v1.0.4 contains a segmentation fault in the applysaointernal function, which can be exploited via a crafted a file...

GHSA-JG8V-48H5-WGXG jszip Vulnerable to Prototype Pollution

This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values e.g proto, toString, etc results in a returned object with a modified prototype instance...

CVE-2021-26197

An issue was discovered in JerryScript 2.4.0. There is a SEGV in mainprintunhandledexception in main-utils.c file...

CVE-2019-18218

cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...

CVE-2018-20461

In radare2 prior to 3.1.1, coreanalbytes in libr/core/cmdanal.c allows attackers to cause a denial-of-service application crash caused by out-of-bounds read by crafting a binary file...

CVE-2018-20426

libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866...

CVE-2018-1000542

netbeans-mmd-plugin version = 1.4.3 contains a XML External Entity XXE vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted MMD file...

DSA-3021-1 file - security update

Bulletin has no description...

DLA-27-1 file - security update

Bulletin has no description...

CVE-2014-0207

The cdfreadshortsector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted CDF file...

CVE-2009-0600

Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service application crash via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame...