10975 matches found

Tenable Nessus
added 2026/05/14 12:0 a.m. | 2 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gstreamer1-plugins-bad-free (UTSA-2026-021390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021390 advisory. GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affect...

CVSS 8.8 | AI score 7.8 | EPSS 0.00253
Exploits: 0 | References: 4

Positive Technologies
added 2026/05/12 12:0 a.m. | 10 views

PT-2026-40198

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

CVSS 8.4 | AI score 6.1 | EPSS 0.00057
Exploits: 0 | References: 2

Positive Technologies
added 2026/04/14 12:0 a.m. | 2 views

PT-2026-32753

Name of the Vulnerable Software and Affected Versions: Windows Client Side Caching driver csc.sys (affected versions not specified). Description: A heap-based buffer overflow in the Windows Client Side Caching driver csc.sys allows an authorized attacker to elevate privileges locally. A heap-based...

CVSS 7.8 | AI score 7 | EPSS 0.00057
Exploits: 0 | References: 7

CVE
added 2026/04/02 5:19 p.m. | 5 views

CVE-2026-34119

CVE-2026-34119 — TP-Link Tapo C520WS (v2.6) shows a heap-based buffer overflow in the HTTP parsing loop when appending segmented request bodies, due to insufficient boundary validation for externally supplied HTTP input. The issue can allow heap memory corruption on the device when an attacker on...

CVSS 7.1 | AI score 6.1 | EPSS 0.00025
Exploits: 0 | References: 3 | Affected Software: 1

RedHat Linux
added 2026/03/31 7:50 p.m. | 1 views

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 8.8 | AI score 7.7 | EPSS 0.0046
Exploits: 0 | References: 8

NCSC
added 2026/03/12 6:55 a.m. | 2 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Adobe Illustrator versions 29.8.4, 30.1 and earlier. The vulnerabilities are in how Adobe Illustrator processes specially crafted files. This includes an Untrusted Search Path vulnerability, an out-of-bounds write vulnerability, a stack-based buffer overflow...

CVSS 8.6 | AI score 6.5 | EPSS 0.00042
Exploits: 0 | References: 1

Positive Technologies
added 2026/02/10 12:0 a.m. | 3 views

PT-2026-7350

Name of the Vulnerable Software and Affected Versions: Microsoft Graphics Component (affected versions not specified). Description: A heap-based buffer overflow exists in the Microsoft Graphics Component. This issue allows a local attacker to gain elevated privileges on the system. The vulnerability...

CVSS 7.8 | AI score 5.6 | EPSS 0.0003
Exploits: 0 | References: 8

NVD
added 2026/01/27 9:15 a.m. | 3 views

CVE-2026-24822

Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper src modules. This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1...

CVSS 10 | EPSS 0.00082
Exploits: 0 | References: 1

Amazon
added 2026/01/23 12:0 a.m. | 6 views

Important: openexr

Issue Overview: Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required ...

CVSS 7.8 | AI score 7.6 | EPSS 0.00045
Exploits: 0

RedhatCVE
added 2026/01/09 12:40 p.m. | 7 views

CVE-2023-25222

A heap-based buffer overflow vulnerability exists in GNU LibreDWG v0.12.5 via the bitreadRC function at bits.c...

CVSS 8.8 | AI score 7.4 | EPSS 0.00441
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 12:38 p.m. | 6 views

CVE-2023-29073

A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVSS 9.8 | AI score 7.3 | EPSS 0.00335
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:58 a.m. | 8 views

CVE-2018-19762

There is a heap-based buffer overflow at fromsixel.c function: imagebufferresize in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact...

CVSS 7.8 | AI score 7.8 | EPSS 0.0017
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 11:26 a.m. | 3 views

CVE-2021-33485

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow...

CVSS 9.8 | AI score 7 | EPSS 0.00394
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:24 a.m. | 6 views

CVE-2021-31802

NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow that is exploitable from the local network without authentication. The vulnerability exists within the handling of an HTTP request. An attacker can leverage this to execute code as root. The problem is that a user-provided length...

CVSS 8.8 | AI score 7 | EPSS 0.13718
Exploits: 4 | References: 1

RedhatCVE
added 2026/01/09 10:52 a.m. | 3 views

CVE-2022-33967

squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code...

CVSS 7.8 | AI score 7.6 | EPSS 0.00559
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 10:34 a.m. | 4 views

CVE-2017-18644

An issue was discovered on Samsung mobile devices with L5.1, M6.x, and N7.x software. There is a muicsetregsel heap-based buffer overflow during the reading of MUIC register values. The Samsung ID is SVE-2017-10011 (December 2017)...

CVSS 9.8 | AI score 7.6 | EPSS 0.00199
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:34 a.m. | 7 views

CVE-2024-41593

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to execute arbitrary code via the function ftpayloaddns, because a byte sign-extension operation occurs for the length argument of a memcpy call, leading to a heap-based Buffer Overflow...

CVSS 9.8 | AI score 8.2 | EPSS 0.07689
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:34 a.m. | 5 views

CVE-2024-34771

A vulnerability has been identified in Solid Edge All versions V224.0 Update 2. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...

CVSS 7.8 | AI score 7.4 | EPSS 0.0016
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/07 9:11 a.m. | 8 views

CVE-2025-1538

A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this vulnerability is the function setwsaction of the file /dws/api/. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and m...

CVSS 9 | AI score 7 | EPSS 0.00174
Exploits: 1 | References: 1

Vulnrichment
added 2025/12/31 6:59 a.m. | 3 views

CVE-2025-15274 FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

FontForge SFD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 8.8 | AI score 8.7 | EPSS 0.00101
Exploits: 0 | References: 1