175 matches found

SUSE Linux
added 2026/04/22 4:24 p.m. | 2 views

Security update for libraw

This update for libraw fixes the following issues: CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. CVE-2026-20889: heap-based buffer overflow in x3fthumbloaderbsc1261672...

9.2 CVSS | 6 AI score | 0.00078 EPSS
Exploits: 6 | References: 24

CNNVD
added 2026/04/20 12:0 a.m. | 9 views

GNU C Library Security Vulnerability

The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library from 2.7 to 2.43 contained security vulnerabilities. These vulnerabilities stemmed from the use of %mc and format specifiers with a width...

9.8 CVSS | 5.9 AI score | 0.00073 EPSS
Exploits: 1 | References: 1

RedHat Linux
added 2026/04/08 5:18 a.m. | 4 views

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8 CVSS | 6.6 AI score | 0.00251 EPSS
Exploits: 5 | References: 14

Tenable Nessus
added 2026/04/02 12:0 a.m. | 7 views

Microsoft Edge (Chromium) < 146.0.3856.84 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 146.0.3856.84. It is, therefore, affected by multiple vulnerabilities as referenced in the March 27, 2026 advisory. - Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to...

8.8 CVSS | 7.7 AI score | 0.00065 EPSS
Exploits: 0 | References: 19

Cvelist
added 2026/03/02 6:42 p.m. | 17 views

CVE-2026-0006

In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00049 EPSS
Exploits: 0 | References: 1

Amazon
added 2026/02/19 12:0 a.m. | 5 views

Medium: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple...

9.8 CVSS | 5.9 AI score | 0.00251 EPSS
Exploits: 6

CNNVD
added 2026/01/27 12:0 a.m. | 3 views

is::Engine security vulnerabilities

is::Engine is a game engine developed by Is Daouda personally. Versions of is::Engine prior to 3.3.4 contained security vulnerabilities, which were caused by out-of-bound writes and heap-based buffer overflows...

6.5 CVSS | 5.9 AI score | 0.00066 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 2 views

MiracleLinux 8 : userspace graphics, xorg-x11, and mesa, xorg-x11-server-1.20.10-1.el8 (AXSA:2021-2100:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2100:01 advisory. xorg-x11-server: Out-of-bounds access in XkbSetNames function CVE-2020-14345 xorg-x11-server: Integer underflow in the X input extension protocol...

7.8 CVSS | 5.9 AI score | 0.00232 EPSS
Exploits: 1 | References: 10

Tenable Nessus
added 2026/01/20 12:0 a.m. | 2 views

MiracleLinux 7 : rsyslog-8.24.0-52.el7 (AXSA:2020-4536:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4536:02 advisory. rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c CVE-2019-17041 rsyslog: heap-based overflow in...

9.8 CVSS | 5.7 AI score | 0.01796 EPSS
Exploits: 0 | References: 3

FreeBSD
added 2025/10/29 12:0 a.m. | 3 views

OpenEXR < 3.4.3 -- multiple vulnerabilities

Cary Phillips reports: Patch release that addresses several bugs, primarily involving properly rejecting corrupt input data. He goes on to report various relevant items including heap buffer overflows, use-after-free, use of uninitialized memory and other bugs, several of them found by OSS-fuzz,...

5.8 AI score
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2018-3332

Malware in sbrugna...

7.8 CVSS | 7.7 AI score | 0.00128 EPSS
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2021-21031

Malware in sbrugna...

7.9 CVSS | 6.1 AI score | 0.00073 EPSS
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-15369

Malware in sbrugna...

7.8 CVSS | 7.7 AI score | 0.00404 EPSS
Exploits: 0 | References: 11

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-7632

Malware in sbrugna...

10 CVSS | 9.2 AI score | 0.01791 EPSS
Exploits: 0 | References: 8

OSV
added 2025/10/04 12:11 a.m. | 5 views

RLSA-2025:9162 Important: gimp security update

The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. Security Fixes: gimp: Multiple...

7.8 CVSS | 7.7 AI score | 0.01642 EPSS
Exploits: 0 | References: 4

OSV
added 2025/09/11 11:6 a.m. | 3 views

SUSE-SU-2025:03164-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-55004: Fixed heap buffer over-read in ReadOneMNGIMage when processing images with separate alpha channels bsc1248076. - CVE-2025-55005: Fixed heap buffer overflow when transforming from Log to sRGB colorspaces bsc1248077. -...

8.8 CVSS | 7.4 AI score | 0.01005 EPSS
Exploits: 7 | References: 16

Gitee
added 2025/09/06 2:18 p.m. | 72 views

awesome-windows-exploitation

This is a curated list of Windows Exploitation resources and tools. The list is organized by category, including Windows stack overflows, Windows heap overflows, kernel-based Windows overflows, Windows kernel memory corruption, return-oriented programming, Windows memory protections, bypassing...

6.8 AI score
Exploits: 0

OSV
added 2025/08/14 10:23 p.m. | 4 views

GHSA-77H3-W9RX-HJ3Q User-defined implementations of the safe trait scratchpad::Tracking can cause heap buffer overflows

The get and set methods of the public trait scratchpad::Tracking interact with unsafe code regions in the crate, and they influence the computation of addresses returned as raw pointers. However, the trait itself is not marked as unsafe, meaning users may provide custom implementations under the...

6.9 CVSS | 7.8 AI score
Exploits: 0 | References: 3

CNNVD
added 2023/12/09 12:0 a.m. | 1 view

IBM Informix Dynamic Server Buffer Error Vulnerability

IBM Informix Dynamic Server IDS is a scalable object-relational database server from International Business Machines IBM that provides clustered data centers with features such as continuous data availability and disaster recovery. A security vulnerability exists in IBM Informix Dynamic Server...

6.2 CVSS | 6.4 AI score | 0.00024 EPSS
Exploits: 0 | References: 3

CNNVD
added 2023/10/14 12:0 a.m. | 1 view

zlib Input Validation Error Vulnerability

zlib is a general-purpose data compression library by Mark Adler, an individual developer in the United States. An input validation error vulnerability exists in zlib 1.3 and earlier versions, which stems from the presence of integer overflows and heap-based buffer overflows...

9.8 CVSS | 7 AI score | 0.01396 EPSS
Exploits: 0 | References: 17