15 matches found
OPENSUSE-SU-2026:20976-1 Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...
EUVD-2026-37191
In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0157
Summary of findings (CVE-2026-0157): The available documents consistently describe an out-of-bounds read in RtcpHeader::decodeRtcpHeader, caused by a missing bounds check. This leads to remote information disclosure without requiring user interaction; exploitation can occur over the network. The ...
SUSE-SU-2026:2327-1 Security update for go1.26
This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...
CVE-2026-0049
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
Linux Distros Unpatched Vulnerability : CVE-2026-5124
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of th...
CVE-2026-5124
The CVE-2026-5124 entry concerns osrg GoBGP up to 4.3.0. Affected is BGPHeader.DecodeFromBytes in pkg/packet/bgp/bgp.go (BGP Header Handler). The issue is improper access controls with remote exploitation possible, reported as high complexity and low ease of exploitation. A patch is identified by...
CVE-2026-31973
SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...
CVE-2026-31973
SAMtools includes a NULL pointer dereference in the cram-size path of CRAM header handling: if cram_decode_compression_header() returns an error, a NULL pointer dereference may occur, crashing the program. This affects 1.17+ before fixes. The available connected advisories confirm fixes in versio...
CVE-2026-31973 NULL pointer dereference in samtools cram-size
SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...
CVE-2025-59733
When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...
PYSEC-2016-39
An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...
UBUNTU-CVE-2016-9037
An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...
PYSEC-2016-39
An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...
PT-2016-7630 · Tarantool · Tarantool
Name of the Vulnerable Software and Affected Versions: Tarantool version 1.7.2.0-g8e92715 Description: The issue is related to an out-of-bounds array access in the xrow header decode function. A specially crafted packet can cause the function to access an element outside the bounds of a global...