17721 matches found
CVE-2026-51218
The CVE-2026-51218 entry concerns snap7 v1.4.3 and a heap buffer overflow in TS7Worker::PerformFunctionWrite() located in /core/s7_server.cpp. Attackers can cause a Denial of Service by sending a crafted packet. Affected component is the write function within the S7 server implementation; impact ...
CVE-2026-51219
A heap buffer overflow in the HighPriorityASDUQueuehasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service DoS via a crafted payload...
CVE-2026-51219
CVE-2026-51219 affects lib60870 (versions 2.3.3–2.3.6) and arises from a heap buffer overflow in HighPriorityASDUQueue_hasUnconfirmedIMessages. The issue can allow a Denial of Service via a crafted payload. The connected documents identify the affected component and function, and specify the vuln...
autotrace security update
An update is available for autotrace. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list AutoTrace is a program for converting bitmaps to vector graphics. Security...
RLSA-2023:3067 Moderate: autotrace security update
AutoTrace is a program for converting bitmaps to vector graphics. Security Fixes: autotrace: heap-buffer overflow via the ReadImage at input-bmp.c CVE-2022-32323 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer t...
jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow
...
SUSE-SU-2026:22378-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues Security issues: - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. - CVE-2026-42326: Information disclosure via malicious IPTC input file bsc1268092. - CVE-2026-45031: Denial of Service due to resource policy bypass in PSD...
EUVD-2026-39582
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability...
Oracle Linux 8 : 389-ds:1.4 (ELSA-2026-26459)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26459 advisory. - Resolves: RHEL-178076 - CVE-2026-9064 389-ds:1.4/389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification...
CVE-2026-6679
CVE-2026-6679 describes a heap buffer overflow in the DTLS 1.3 ACK serialization path that occurs before the peer is authenticated. The root cause is an integer truncation when computing the length of the ACK record-number list, which leads to an undersized buffer and an overrun. Impact is on wol...
UBUNTU-CVE-2026-12844
List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise collects the values returned by the block into a heap buffer sized to the longer input array, then grows the buffer before each copy with a single quadrupling alloc = 2 instead of a...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, a underflow of the sizet variable in the IMA-ADPCM and MS-ADPCM audio decoders led to a heap-buffer-overflow issue through the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in PDFium in Google Chrome prior to version 147.0.7727.101 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted PDF file. Chromium security severity: High...
Astra Linux – Vulnerability in GIMP
A flaw was discovered in GIMP. A heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodechoice In decodechoice, the boundary check before getlen uses the variable len, which remains 0 after initialization at the beginning of the function: unsigned int type, ext, len ...
Astra Linux – Vulnerability in binutils
A flaw was discovered in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code...
MGASA-2026-0229 Updated podofo packages fix security vulnerabilities
Podofo v0.9.8 shares some of the vulnerable code that was discovered in Podofo v0.10.0. This package fixes that. CVE-2023-31567 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. CVE-2023-31568 Podofo v0.10.0 was discovered ...
OPENSUSE-SU-2026:21011-1 Security update for 389-ds
This update for 389-ds fixes the following issue - CVE-2026-9064: unbounded LDAP controls count in getldapmessagecontrolsext can lead to amplified CPU time and heap allocation and a denial of service bsc1265898. Changes for 389-ds: - Update to version 3.0.6git337.647f49042: Issue 7541 -...
SUSE-SU-2026:22315-1 Security update for openssl-3
This update for openssl-3 fixes the following issues - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group bsc1259652. - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based...
CVE-2026-12030
The following flaw was identified in the Chromium browser: Heap buffer overflow GPU. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518007423...