OSV-2026-815 Heap-buffer-overflow in ihevcd_sao_shift_ctb

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422427 Crash type: Heap-buffer-overflow READ 1 Crash state: ihevcdsaoshiftctb ihevcdprocess ihevcdparseslicedata...

JLSEC-2026-519

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...

SUSE CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

UBUNTU-CVE-2026-44608

NLnet Labs Unbound 1.14.0 up to and including version 1.25.0 has a locking inconsistency vulnerability that when certain conditions are met multi-threaded, RPZ XFR reload, RPZ zone with 'rpz-nsip'/'rpz-nsdname' triggers it could result in heap use-after-free and eventual crash. An adversary can...

OSV-2026-759 UNKNOWN READ in bfd_getb32

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513690224 Crash type: UNKNOWN READ Crash state: bfdgetb32 nds32elflo12reloc bfdperformrelocation...

UBUNTU-CVE-2026-33007

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

Astra Linux – Vulnerability in Dbus

A issue was discovered in D-Bus before 1.12.24, 1.13.x, and 1.14.x, before 1.14.4, and 1.15.x, before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format...

OSV-2026-623 Use-of-uninitialized-value in Mat_PrintNumber

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=505903317 Crash type: Use-of-uninitialized-value Crash state: MatPrintNumber MatPrintData MatVarPrint...

OSV-2026-608 Stack-buffer-overflow in is_http

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504809218 Crash type: Stack-buffer-overflow READ Crash state: ishttp stungetmessagelenstr FuzzStunClient.c...

OSV-2026-196 Null-dereference READ in ubsan_GetStackTrace

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481752521 Crash type: Null-dereference READ Crash state: ubsanGetStackTrace...

EUVD-2021-29736

Malicious code in bioql PyPI...

OSV-2025-762 Use-of-uninitialized-value in fuzzer_send

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=445773944 Crash type: Use-of-uninitialized-value Crash state: fuzzersend SendBuffered SendFinished...

CVE-2025-59398

The OCPP implementation in libocpp before 0.26.2 allows a denial of service EVerest crash via JSON input larger than 255 characters, because a CiString object is created with StringTooLarge set to Throw...

CVE-2024-11864

Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP...

CVE-2024-31078

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer dereference...

USN-6371-1 libssh2 vulnerability

It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash...

Memory corruption

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information...

AZL-27630 CVE-2023-39129 affecting package crash for versions less than 8.0.1-3

GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap use after free via the function addpeexportedsym at /gdb/coff-pe-read.c...

USN-6048-1 ZenLib vulnerability

It was discovered that ZenLib doesn't check the return value of a specific operation before using it. An attacker could use a specially crafted input to crash programs using the library...

SUSE CVE-2019-11638

An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function recfieldnameequalp at rec-field-name.c in librec.a, leading to a crash...