9 matches found

Cvelist
added 2026/03/10 9:36 p.m., 23 views

CVE-2026-31826 pypdf: manipulated stream length values can exhaust RAM

pypdf is a free and open-source pure-Python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. Thi...

CVSS: 6.8, EPSS: 0.00005
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 5:30 a.m., 3 views

SUSE CVE-2014-1736

Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value...

CVSS: 7.5, AI score: 7.6, EPSS: 0.02257
Exploits: 0, References: 3

Tenable Nessus
added 2019/11/08 12:00 a.m., 57 views

EulerOS 2.0 SP5 : libdwarf (EulerOS-SA-2019-2204)

According to the versions of the libdwarf package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV). (CVE-2015-8538)
- The dwarf_dealloc function in libdwarf before...

CVSS: 7.5, AI score: 6.5, EPSS: 0.02235
Exploits: 7, References: 9

UbuntuCve
added 2017/08/23 5:29 p.m., 40 views

CVE-2017-13147

In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value...

CVSS: 8.8, AI score: 6.8, EPSS: 0.00397
Exploits: 0, References: 4

CNVD
added 2016/06/13 12:00 a.m., 1 views

OpenSSL Denial of Service Vulnerability

OpenSSL is an open-source general-purpose cryptographic library, developed by the OpenSSL team, that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols and supports a wide range of cryptographic algorithms including symmetric ciphers, hash...

CVSS: 9.8, AI score: 8.6, EPSS: 0.24015
Exploits: 1, References: 1

UbuntuCve
added 2015/07/20 12:00 a.m., 36 views

CVE-2015-5590

Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling...

CVSS: 7.5, AI score: 7.4, EPSS: 0.06413
Exploits: 1, References: 3

Cvelist
added 2009/02/04 7:00 p.m., 21 views

CVE-2009-0388

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the a...

AI score: 7.8, EPSS: 0.48323
Exploits: 11, References: 10

Cvelist
added 2008/01/12 2:00 a.m., 11 views

CVE-2008-0247

Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a packet with a large length value...

AI score: 7.8, EPSS: 0.3603
Exploits: 1, References: 8

Debian CVE
added 2007/12/06 2:00 a.m., 26 views

CVE-2007-5902

Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request...

CVSS: 10, AI score: 6.7, EPSS: 0.04002
Exploits: 1