35914 matches found
CVE-2026-14759
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function rbinjavainnerclassesattrcalcsize of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a manipulation results in heap-based buffer overflow. The attack...
CVE-2026-14759
radareorg radare2 up to 6.1.6 is affected by a heap-based overflow in r_bin_java_inner_classes_attr_calc_size (shlr/java/class.c). The vulnerability is triggered via local manipulation of input and has a public exploit; a patch (commit cd62d15a6cbecdc67fd03f3ebdbbbeb741d18f87) is available to fix...
EUVD-2026-41769
A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function rbinjavainnerclassesattrcalcsize of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a manipulation results in heap-based buffer overflow. The attack...
EUVD-2026-41601
A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...
CVE-2026-14610
The CVE-2026-14610 issue affects the Open Asset Import Library Assimp up to 6.0.5, specifically the CSM File Handler’s CSMLoader.cpp path and the function Assimp::CSMImporter::InternReadFile. The vulnerability is a heap-based buffer overflow caused by manipulation in this code path, with local ex...
CVE-2026-56645
Heap-based buffer overflow in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
EUVD-2026-41560
A flaw was found in GIMP's Paint Shop Pro PSP file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service DoS by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the...
CVE-2026-58379
The CVE-2026-58379 vulnerability affects GIMP 's Paint Shop Pro (PSP) file format parser. It is a heap buffer overflow caused by incorrect buffer size calculations when processing low bit-depth PSP images , which can lead to arbitrary code execution or DoS when a user opens a crafted image. The p...
CVE-2026-13574
A flaw was found in llvm. A local attacker could exploit a heap-based buffer overflow vulnerability in the GCRelocateInst::getBasePtr function within the Bitcode File Handler component. This flaw could lead to a denial of service, making the affected system unavailable...
CVE-2026-48706
A flaw was found in Envoy, an open-source edge and service proxy. An attacker can exploit a heap write overflow vulnerability in Envoy's TCP StatsD sink by sending exceptionally long statistic names, such as those found in HTTP or gRPC request paths. This can lead to a denial-of-service, causing...
EUVD-2026-41155
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
Linux Distros Unpatched Vulnerability : CVE-2026-54696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 through 2.19.8 are vulnerable to heap buffer overflow when the JSON generator is provided with an...
Linux Distros Unpatched Vulnerability : CVE-2026-54896
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a he...
Linux Distros Unpatched Vulnerability : CVE-2026-55597
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-26, an incorrect handling of arguments can...
Linux Distros Unpatched Vulnerability : CVE-2026-53329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as capacity vector-structsize using uint32t...
Linux Distros Unpatched Vulnerability : CVE-2026-55577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow...
UBUNTU-CVE-2026-53329
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Use kreallocarray in dalvectorreserve Why & How dalvectorreserve computes the allocation size as "capacity vector-structsize" using uint32t arithmetic, which can silently wrap to a small value on overflow. This...
CVE-2026-14427
Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-14385
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2026-55577
A flaw was found in ImageMagick, free and open-source software for editing and manipulating digital images. A heap buffer overflow occurs in the MVG Magick Vector Graphics decoder when processing a specially crafted image. This vulnerability could allow an attacker to cause an out-of-bounds write...