7528 matches found
CVE-2026-3308
An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...
UBUNTU-CVE-2026-3308
An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the gdkpixbufjpegimageload function of the JPEG image loader. An attacker can cause application crashes and disrupt service availability by submitting a specially crafted JPEG image that triggers improper...
CVE-2026-3308
An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...
CVE-2026-5186 Nothings stb Multi-frame GIF File stb_image.h stbi__load_gif_main double free
A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...
CVE-2026-5186
A weakness has been identified in Nothings stb up to 2.30. This impacts the function stbiloadgifmain of the file stbimage.h of the component Multi-frame GIF File Handler. This manipulation causes double free. The attack requires local access. The exploit has been made available to the public and...
CVE-2026-5185
A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...
CVE-2026-5185 Nothings stb_image Multi-frame GIF File stb_image.h stbi__gif_load_next heap-based overflow
A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...
CVE-2026-34070 LangChain Core has Path Traversal vulnerabilites in legacy `load_prompt` functions
LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchaincore.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an...
CVE-2026-34070 LangChain Core has Path Traversal vulnerabilites in legacy `load_prompt` functions
LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchaincore.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an...
CVE-2026-34070 LangChain Core has Path Traversal vulnerabilites in legacy `load_prompt` functions
LangChain is a framework for building agents and LLM-powered applications. Prior to version 1.2.22, multiple functions in langchaincore.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an...
CVE-2026-34070
CVE-2026-34070 affects LangChain Core prior to 1.2.22, where multiple functions in langchain_core.prompts.loading read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injections. An attacker could read arbitrary host files whe...
[SECURITY] Fedora 42 Update: perl-YAML-Syck-1.39-1.fc42
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...
[SECURITY] Fedora 43 Update: perl-YAML-Syck-1.39-1.fc43
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...
[SECURITY] Fedora 44 Update: perl-YAML-Syck-1.39-1.fc44
This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around...
stb 安全漏洞
STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 2.30 contained security vulnerabilities, which stemmed from incorrect operations on the stbigifloadnext function in the stbimage.h file, potentially leading to heap buffer overflows...
HAPI FHIR 安全漏洞
HAPI FHIR is an open-source Java-based HL7 FHIR API developed by HAPI FHIR. Versions of HAPI FHIR prior to 6.9.4 contained security vulnerabilities. These vulnerabilities stemmed from the FHIR Validator HTTP service exposing unauthenticated /loadIG endpoints, and the credential provider had a fla...
PT-2026-29249
Name of the Vulnerable Software and Affected Versions MuPDF version 1.27.0 Description An integer overflow exists in the 'pdf-image.c' file within MuPDF version 1.27.0. A specially crafted PDF document can trigger an integer overflow within the pdf load image imp function. This can lead to a heap...
PT-2026-29164
Name of the Vulnerable Software and Affected Versions HAPI FHIR versions prior to 6.9.4 Description The HAPI FHIR Validator HTTP service exposes an unauthenticated ''/loadIG'' endpoint that makes outbound HTTP requests to attacker-controlled URLs. This, combined with a startsWith URL prefix...
FHIR Validator HTTP service has SSRF via /loadIG Chains with startsWith() Credential Leak for Authentication Token Theft
The FHIR Validator HTTP service exposes an unauthenticated /loadIG endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined with a startsWith URL prefix matching flaw in the credential provider ManagedWebAccessUtils.getServer, an attacker can steal authentication tokens...