4 matches found
DEBIAN-CVE-2026-35444
SDLimage is a library to load images of various formats as SDL surfaces. In dolayersurface in src/IMGxcf.c, pixel index values from decoded XCF tile data are used directly as colormap indices without validating them against the colormap size cmnum. A crafted .xcf file with a small colormap and...
ALSA-2026:6004 Important: freerdp security update
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write ...
radare2 denial of service vulnerability (CNVD-2018-12205)
Radare2 is a complete framework for reverse engineering and analyzing binaries, consisting of a series of small utilities that can be used together or independently of the command line. A denial of service vulnerability exists in the inststs function in radare2 2.5.0. A remote attacker can exploi...
UBUNTU-CVE-2017-7184
The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access by leveraging the CAPNETADMI...