105 matches found
Astra Linux - уязвимость в php7.3
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15, and 8.0.x below 8.0.2, when using the SOAP extension to connect to a SOAP server, a malicious SOAP server may return malformed XML data as a response. This could cause PHP to access a null pointer, resulting in a crash...
CVE-2026-34479
A flaw was found in the Apache Log4j 1-to-Log4j 2 bridge. The Log4j1XmlLayout component fails to properly escape characters forbidden by the XML 1.0 standard. This improper handling of characters results in malformed XML output, which can cause downstream log processing systems to drop or fail to...
CVE-2026-25582
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow read vulnerability in CIccIO::WriteUInt16Float when converting malformed XML to ICC profiles via...
CVE-2026-25582 iccDEV vulnerable to Heap Buffer Overflow in CIccIO::WriteUInt16Float()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow read vulnerability in CIccIO::WriteUInt16Float when converting malformed XML to ICC profiles via...
CVE-2026-25582
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow read vulnerability in CIccIO::WriteUInt16Float when converting malformed XML to ICC profiles via...
EUVD-2026-5320
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow read vulnerability in CIccIO::WriteUInt16Float when converting malformed XML to ICC profiles via...
CVE-2026-25582 iccDEV vulnerable to Heap Buffer Overflow in CIccIO::WriteUInt16Float()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow read vulnerability in CIccIO::WriteUInt16Float when converting malformed XML to ICC profiles via...
PT-2026-6327
Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.3 Description iccDEV is a set of libraries and tools for interacting with ICC color management profiles. A heap buffer overflow read exists in the CIccIO::WriteUInt16Float function when converting malformed XML t...
iccDEV 缓冲区错误漏洞
iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.3 contained a buffer error vulnerability. This vulnerability stemmed from the CIccIO::WriteUInt16Float function, which had a heap buffer overflow issue,...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Release of Invalid Pointer or Reference
Overview Affected versions of this package are vulnerable to Release of Invalid Pointer or Reference in the LoadOpenCLDeviceBenchmark function when parsing malformed XML files. An attacker can cause memory exhaustion and potential denial of service by placing specially crafted XML files with...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
ImageMagick has a Memory Leak in LoadOpenCLDeviceBenchmark() when parsing malformed XML
Summary A memory leak vulnerability exists in the LoadOpenCLDeviceBenchmark function in MagickCore/opencl.c. When parsing a malformed OpenCL device profile XML file that contains closing tags, the function fails to release allocated memory for string members platformname, vendorname, name, versio...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Release of Invalid Pointer or Reference
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...