321 matches found
Astra Linux – Vulnerability in gst-plugins-base1.0
GStreamer is a library for constructing graphs of media-handling components. A OOB-write vulnerability has been identified in the gstssaparse.c file’s gstssaparseremoveoverridecodes function. This function is responsible for parsing and removing SSA SubStation Alpha style override codes, which ar...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed overlapping copies within dmlcoremodeprogramming REASON &modelib-mp.Watermark and &locals-Watermark are the same address. Using memcpy may lead to unexpected behavior. SOLUTION memmove should be used instea...
CVE-2026-46433
Heap OOB Read in VLAN Decapsulation memmove...
SUSE CVE-2026-41257
jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond 1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for a...
CVE-2026-41257
jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...
CVE-2026-41257
jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...
EUVD-2026-29163
jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...
CVE-2026-41257
jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...
Exploit for Operator Precedence Logic Error in Freebsd
CVE-2026-7270 FreeBSD local privilege escalation via exec...
CVE-2026-8084
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...
CVE-2026-8084 OSGeo gdal HDF-EOS Grid File SWapi.c memmove out-of-bounds
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...
CVE-2026-8084 OSGeo gdal HDF-EOS Grid File SWapi.c memmove out-of-bounds
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...
CVE-2026-8084
OSGeo GDAL contains a local, out-of-bounds read vulnerability in the HDF-EOS Grid File Handler (SWapi.c memmove) affecting up to 3.13.0dev-4. The issue is restricted to local execution and has publicly disclosed exploit information. Resolution is available by upgrading the affected component to ...
CVE-2026-8084
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...
OSGeo gdal 缓冲区错误漏洞
OSGeo GDAL is an open-source geospatial raster and vector data processing library developed by OSGeo. OSGeo GDAL versions 3.13.0dev-4 and earlier contain a buffer error vulnerability. This vulnerability stems from a function called memmove in the frmts/hdf4/hdf-eos/SWapi.c file, which is part of...
CVE-2026-8084
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...
CVE-2026-31716 fs/ntfs3: validate rec->used in journal-replay file record check
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate rec-used in journal-replay file record check checkfilerecord validates rec-total against the record size but never validates rec-used. The doaction journal-replay handlers read rec-used from disk and use it to...
JLSEC-2026-354
HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...
CLSA-2026-1777307383 lz4: Fix of CVE-2021-3520
CVE-2021-3520: Fix potential memory corruption with negative memmove size...
Important: vim
Issue Overview: When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctl...