2535 matches found
CVE-2026-42953
The application contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution...
PT-2026-56269
Name of the Vulnerable Software and Affected Versions Labcenter Proteus version 9 Description An out-of-bounds write issue exists where an attacker can cause the program to write data beyond the end of an allocated memory buffer, potentially leading to arbitrary code execution. Recommendations...
ROS-20260707-73-0014
The vulnerability of the gdiCacheToSurface function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause a service failure by sending specially crafted RDPGFX packets...
PYSEC-2026-716 Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV
OpenCV Open Source Computer Vision Library through 3.3 corresponding to OpenCV-Python 3.3.0.9 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmtbmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy...
PYSEC-2026-699 Improper Restriction of Operations within the Bounds of a Memory Buffer in OpenCV
In modules/imgcodecs/src/grfmtpxm.cpp, the length of buffer AutoBuffer src is small than expected, which will cause copy buffer overflow later. If the image is from remote, may lead to remote code execution or denial of service. This affects OpenCV 3.3 corresponding to OpenCV-Python 3.3.0.9 and...
The vulnerability of the ngx_http_charset_module module in NGINX Plus and NGINX Open Source web servers allows a perpetrator to gain unauthorized access to protected information or cause service failures.
The vulnerability of the ngxhttpcharsetmodule module in NGINX Plus and NGINX Open Source web servers is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information or cause...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892
Summary IBM Maximo Application Suite - Visual Inspection component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details...
CVE-2026-53540 Python-Multipart: Negative Content-Length in parse_form buffers the entire body in memory
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded...
ROS-20260622-73-0015
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
ROS-20260622-73-0028
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability affects the Audio/Video components of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, allowing an attacker to execute arbitrary code.
The vulnerability of the Audio/Video components in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory. This allows an attacker to execute arbitrary code or cause a service failure.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory. This allows an attacker to execute arbitrary code or cause a service failure.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple issues in Cryptography [CVE-2026-34073] [CVE-2026-39892]
Summary IBM Watson Speech Services Cartridge is vulnerable to Improper Certificate Validation and Improper Restriction of Operations within the Bounds of a Memory Buffer in Cryptography CVE-2026-34073 CVE-2026-39892. Cryptography is used in our speech runtimes. This vulnerabilitiy has been...
ROS-20260618-73-0008
The vulnerability of the ReadXBMImage function in the console-based ImageMagick graphics editor is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
ROS-20260618-73-0007
The vulnerability of the ReadXBMImage function in the console-based ImageMagick graphics editor is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of the Windows NT OS Kernel component allows attackers to enhance their privileges.
The vulnerability of the Windows NT OS Kernel component involves overflow in the dynamic memory buffer. Exploiting this vulnerability can allow an attacker to increase their privileges...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering_Toolkits
No d...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Treck Tcp\/Ip
No d...
ROS-20260611-73-0011
The vulnerability of the cleardecompressresidualdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...