14 matches found
CVE-2026-35469 SpdyStream: DOS on CRI
spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count ...
CVE-2026-35480
go-ipld-prime is an implementation of the InterPlanetary Linked Data IPLD spec interfaces, a batteries-included codec implementations of IPLD for CBOR and JSON, and tooling for basic operations on IPLD objects. Prior to 0.22.0, the DAG-CBOR decoder uses collection sizes declared in CBOR headers a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002933)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002933 advisory. An issue was discovered in the Linux kernel through 4.17.2. vbgmiscdeviceioctl in drivers/virt/vboxguest/vboxguestlinux.c reads the same user data twice with...
EUVD-2025-28926
Malicious code in bioql PyPI...
CVE-2025-39787 soc: qcom: mdt_loader: Ensure we don't read past the ELF header
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...
UBUNTU-CVE-2024-25617
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Value bug ,Squid may be vulnerable to a Denial of Service attack against HTTP header parsing. This problem allows a remote client or a remote server to perform Denial of...
GHSA-WGH7-54F2-X98R HTTP/2 HPACK integer overflow and buffer allocation
An integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size limit. In MetaDataBuilder.java, the following code determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded: java 291 public void...
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes via pdu_size in ksmbd_conn_handler_loop leading to an out-of-bounds read.
...
SUSE CVE-2023-38431
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdusize in ksmbdconnhandlerloop, leading to an out-of-bounds read...
CVE-2023-35849
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet...
SUSE CVE-2008-5237
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via 1 crafted width and height values that are not validated by the mymngprocessheader function in demuxmng.c before u...
Puppet Enterprise 2015.x < 2016.4.0 Denial of Service Vulnerability
According to its self-reported version number, the Puppet install running on the remote host is version 5.5.x prior to 2017.2.2. It is, therefore, affected by a denial of service DoS vulnerability which exists in the puppet communications protocol broker due to incorrect validation of message...
OpenJPEG Buffer Overflow Vulnerability (CNVD-2019-10143)
OpenJPEG is an open source JPEG 2000 codec written in C language. OpenJPEG 2.3.0 suffers from a heap buffer overflow vulnerability that originates from the program failing to check headerinfo.height and headerinfo.width in the 'pnmtoimage' function, which can be exploited by an attacker to execut...
UBUNTU-CVE-2018-10539
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocop...