111432 matches found
vLLM <= 0.23.0 - Anthropic Router Heap Address Information Leak
vLLM = 0.23.0 incompletely fixes CVE-2026-22778. The original fix added sanitizemessage to the OpenAI router but the Anthropic-compatible router /v1/messages echoes strexc directly. id: CVE-2026-54236 info: name: vLLM = 0.23.0 - Anthropic Router Heap Address Information Leak author: kenlacroix...
vLLM 0.8.3 - 0.14.0 - Information Disclosure
vLLM 0.8.3 to - 0.14.1 contains an information disclosure caused by leaking a heap address in error messages from the multimodal endpoint when processing invalid images, letting remote attackers reduce ASLR entropy, exploit requires sending invalid images. id: CVE-2026-22778 info: name: vLLM 0.8....
CVE-2026-59198
A flaw was found in Pillow, a Python imaging library. When saving a mode 1 image with TGA RLE compression, the TGA RLE encoder reads beyond its allocated memory buffer. This out-of-bounds read allows adjacent process heap memory to be copied into the generated TGA file, potentially leading to...
MGASA-2026-0256 Updated poppler packages fix a security vulnerability
The updated packages fix a security vulnerability: Integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication. CVE-2026-10118...
EUVD-2026-44851
A heap overflow in the evalcommand function shell/ash.c of Busybox v1.38.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
EUVD-2026-44850
A heap overflow in the ifsbreakup function shell/ash.c of Busybox v1.38.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
CVE-2026-38754
A heap overflow in the ifsbreakup function shell/ash.c of Busybox v1.38.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
CVE-2026-38755
A heap overflow in the evalcommand function shell/ash.c of Busybox v1.38.0 allows attackers to cause a Denial of Service DoS via supplying a crafted input...
CVE-2026-40953
CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...
CVE-2026-50144
ncnn (mobile-optimized neural network framework) contains an out-of-bounds heap write in ParamDict::load_param() when loading a malicious .param model, caused by a negative parameter id indexing before params[NCNN_MAX_PARAM_COUNT]. This is exploitable via Net::load_param() and is fixed by commit ...
EUVD-2026-44784
CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...
CVE-2026-40953
CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...
CVE-2026-40953
CVE-2026-40953: heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Local access with administrator permissions can cause a denial of service on the client. Affected software is Secure Access clients (versions before 14.55); root cause is a heap overflow in ...
CVE-2026-40953 Heap overflow in Secure Access clients
CVE-2026-40953 is a heap overflow in the certificate parsing function of Secure Access clients prior to 14.55. Attackers with local access and administrator permissions can create a denial of service attack against the client over which they have control...
EUVD-2026-44729
ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0...
Security Bulletin: IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap (CVE-2026-6051)
Summary IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap. Vulnerability Details CVEID:CVE-2026-6051 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a...
CVE-2026-60065
When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...
CVE-2026-56434
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...
CVE-2026-42533
A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable i...
JLSEC-2026-759
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field...