19292 matches found
Astra Linux – Vulnerability in libstb
stbimage.h also known as the stb image loader version 2.23 has a heap-based buffer overflow issue in stbitgaload, which can lead to information disclosure or denial of service...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...
Astra Linux – Vulnerability in Vim
Heap-based Buffer Overflow in the GitHub repository vim/vim before version 9.0.0220...
Astra Linux – Vulnerability in imagemagick
The WriteOnePNGImage function from coders/png.c the PNG encoder contains a for loop with an improper exit condition, which may lead to an out-of-bounds READ operation due to a heap-buffer-overflow issue. This occurs because it is possible for the colormap to have fewer than 256 valid values, and...
Astra Linux – Vulnerability in exiv2
In Exiv2 0.27.99.0, the PngImage::readMetadata function in the pngimage.cpp file allows attackers to cause a denial of service heap-based buffer over-read through a crafted image file...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in ANGLE in Google Chrome prior to version 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in gst-plugins-bad1.0
GStreamer SRT File Parsing: Heap-Based Buffer Overflow and Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability, but the attack...
Astra Linux – Vulnerability in libraw
A flaw was discovered in LibRaw. A heap-buffer-overflow in the raw2imageex function, caused by a maliciously crafted file, may lead to an application crash...
CVE-2026-12447
A heap buffer overflow flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513405023...
UBUNTU-CVE-2026-45696
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...
CVE-2026-45696 OpenEXR HTJ2K decoder heap buffer over-read in ht_undo_impl() (DoS)
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...
CVE-2026-44663 OpenEXR: Integer overflow in the HTJ2K decoder leads to heap-buffer-overflow
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in htundoimpl in src/lib/OpenEXRCore/internalht.cpp leads to a heap-buffer overflow when decoding a crafted...
ImageMagick 7.x < 7.1.2-24 Heap Buffer Over-write (CVE-2026-48724)
The remote host has a version of ImageMagick 7.x installed that is prior to 7.1.2-24. It is, therefore, affected by a heap buffer over-write vulnerability: - When using an image with mask the Floyd-Steinberg dithering method will cause a negative heap buffer over-write. CVE-2026-48724 Note that...
Heap Buffer Overflow
Electron is vulnerable to Heap Buffer Overflow. The vulnerability is due to incorrect byte length calculations in Buffer operations, which allows an attacker to trigger out-of-bounds memory access resulting in heap buffer overflows or underflows...
libpng: libpng: Arbitrary code execution due to use-after-free vulnerability
A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...
SUSE-SU-2026:2403-1 Security update for openssl-1_1
This update for openssl-11 fixes the following issues: - CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7verify bsc1266357. - CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption bsc1266349. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption bsc1266341....
RHEL 10 : gnutls (RHSA-2026:26409)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26409 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such ...
SQLite < 3.53.2 Multiple Heap Buffer Overflows
The version of SQLite installed on the remote host is prior to 3.53.2. It is, therefore, affected by multiple vulnerabilities: - A heap-based buffer overflow vulnerability in the FTS5 full-text search extension allows attackers to cause a crash or execute arbitrary code by supplying a crafted...
EUVD-2025-210150
A heap buffer overflow in the gfisomvpconfignew function isomedia/avcext.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
EUVD-2025-210145
A heap buffer overflow in the gfcencsetpssh function isomedia/drmsample.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...