1886 matches found
Unity Linux 20.1060e / 20.1070e Security Update: gd (UTSA-2026-016663)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016663 advisory. read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA...
Unity Linux 20.1070e Security Update: gd (UTSA-2026-016717)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016717 advisory. gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The GD2 image format is a proprietary...
Astra Linux - vulnerability in libgd2
The read_header_tga function in gd_tga.c within the GD Graphics Library (also known as LibGD) in versions up to 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) through a crafted TGA file...
@ant-design/charts (>=1.0.17-beta.1 <=1.1.4-alpha.0), @thcloud/vmap (>=1.0.1 <=1.0.2) +7 more potentially affected by unknown CVE via @antv/l7-district (=2.3.12)
@antv/l7-district NPM version =2.3.12 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/l7-district and may be impacted: - @ant-design/charts =1.0.17-beta.1, =1.0.1, =0.1.0, =4.4.1, =1.0.13, =1.0.0, =1.0.0, =2.0.2, =2.1.8 Source cves: unknown CVE...
SUSE CVE-2026-8087
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a local position. The...
UBUNTU-CVE-2026-43440
In the Linux kernel, the following vulnerability has been resolved: net/mana: Null service_wq on setup error to prevent double destroy. In mana_gd_setup error path, set gc->service_wq to NULL after destroy_workqueue to match the cleanup in mana_gd_cleanup. This prevents a use-after-free if the workqueue...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mana_gd_cleanup function in the mana driver. This function does not check whether gc->service_wq ...
CLSA-2026-1777541021 gd: Fix of CVE-2021-40145
CVE-2021-40145: Fix a double free in gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library...
MAL-2026-2540 Malicious code in gd-auth (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 baa9851d66a8d40c23baf029f186e4f8f5366381dadb2d3ecc8cb9420e5e3997 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in gd-auth (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 baa9851d66a8d40c23baf029f186e4f8f5366381dadb2d3ecc8cb9420e5e3997 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Exploit for Out-of-bounds Read in PHP
CVE-2022-31630 – Proof of Concept Exploit Warning: This code...
Exploit for Out-of-bounds Read in PHP
CVE-2022-31630 - Proof of Concept Exploit for PHP 7.4.33 Per...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005709)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005709 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: call op_release, even when op_func returns an error. For ops with trivial replies,...
Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for January 2026.
Summary: Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF006. These vulnerabilities have also been addressed in 24.0.1-IF006 and 25.0.0-IF003. Vulnerability Details: CVEID: CVE-2018-5711 DESCRIPTION: gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP...
MiracleLinux 4 : gd-2.0.35-11.0.1.AXS4 (AXSA:2021-1073:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1073:01 advisory. gd: Integer overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : gd-2.2.5-7.el8 (AXSA:2020-1002:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1002:01 advisory. gd: Heap-based buffer overflow in gdImageColorMatch in gd_color_match.c CVE-2019-6977 gd: NULL pointer dereference in gdImageClone CVE-2018-14553 gd:...
MiracleLinux 3 : gd-2.0.33-9.4.2.1.AXS3 (AXSA:2010-56:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-56:01 advisory. The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood...
CVE-2017-18591
The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php...
CVE-2023-40330
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Petrovic GD Security Headers plugin = 1.6.1 versions...
CVE-2017-6363
In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and...