AlmaLinux 10 : httpd (ALSA-2026:21433)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21433 advisory. httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due...

Astra Linux - уязвимость в libsdl1.2, libsdl2

In SDLGetRGB in the video/SDLpixels.c file, there is a heap-based buffer over-read issue in versions from 1.2.15 up to 2.x, and from 2.0.9 onwards...

Astra Linux - уязвимость в libsdl2

SDL Simple DirectMedia Layer version 2.0.12 has a heap-based buffer over-read issue in the function Blit3or4to3or4inversedrgb in the file video/SDLblitN.c, caused by a malicious .BMP file...

Linux Distros Unpatched Vulnerability : CVE-2019-18849

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat...

Linux Distros Unpatched Vulnerability : CVE-2019-13391

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has a heap-based buffer over-read because of incorrect calls to GetCacheViewVirtualPixels...

Linux Distros Unpatched Vulnerability : CVE-2019-19777

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbiloadmain. CVE-2019-19777 Note that...

Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issues: CVE-2025-32460: Fixed a heap-based buffer over-read in ReadJXLImage. bsc1241150 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can...

SUSE CVE-2025-32460

GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call...

hdf5: multiple CVEs

HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5Odtypeencodehelper in H5Odtype.c...

PT-2024-6204 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to a heap-based buffer over-read in the H5HL fl deserialize function located in the H5HLcache.c file of the HDF5 Library. This can potentially allow an attacker to impact...

SUSE CVE-2018-7438

An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...

SUSE CVE-2018-14046

Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp...

SUSE CVE-2018-19664

libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the putpixelrows function in wrbmp.c, as demonstrated by djpeg...

SUSE CVE-2018-19758

There is a heap-based buffer over-read at wav.c in wavwriteheader in libsndfile 1.0.28 that will cause a denial of service...

SUSE CVE-2019-6286

In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skipoverscopes in prelexer.hpp when called from Sass::Parser::parseimport, a similar issue to CVE-2018-11693...

SUSE CVE-2019-20910

An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in decodeR13R2000 in decode.c, a different vulnerability than CVE-2019-20011...

SUSE CVE-2020-6609

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in readpagesmap in decoder2007.c...

SUSE CVE-2020-36278

Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c...

CVE-2022-34300

In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData...

PT-2022-18710 · Tcpreplay +2 · Tcpreplay +2

Name of the Vulnerable Software and Affected Versions: Tcpreplay version 4.4.1 Description: The issue is related to a heap-based buffer over-read in the parse mpls function located in common/get.c. This occurs in the tcpprep component of Tcpreplay. Recommendations: For Tcpreplay version 4.4.1, at...