CVE-2026-40312 ImageMagick: Off-by-One in MSL decoder could result in crash

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19...

Malicious code in node-memory-stream (npm)

The package node-memory-stream was found to contain malicious code...

MAL-2025-27632 Malicious code in node-memory-stream (npm)

The package node-memory-stream was found to contain malicious code...

CVE-2024-3207

A vulnerability was found in ermig1979 Simd up to 6.0.134. It has been declared as critical. This vulnerability affects the function ReadUnsigned of the file src/Simd/SimdMemoryStream.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to the ReadUnsigned function of the file src/Simd/SimdMemoryStream.h. An attacker can execute arbitrary code or cause a denial of service condition by manipulating the input. Remediation Upgrade simd to...

Mozilla: Memory corruption in IPC CanvasTranslator

The Mozilla Foundation Security Advisory describes this flaw as: When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash...

SUSE CVE-2019-15694

TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. Vulnerability occurs due to the signdness error in processing MemOutStream. Exploitation of this vulnerability could potentially result into remote code execution. This...

UBUNTU-CVE-2022-40438

Buffer overflow vulnerability in function AP4MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file...

Denial of service due to reference expansion in versions earlier than 4.0

Impact The CBOR library supports optional tags that enable CBOR objects to contain references to objects within them. Versions earlier than 4.0 resolved those references automatically. While this by itself doesn't cause much of a security problem, a denial of service can happen if those reference...

High severity vulnerability that affects PeterO.Cbor

Impact The CBOR library supports optional tags that enable CBOR objects to contain references to objects within them. Versions earlier than 4.0 resolved those references automatically. While this by itself doesn't cause much of a security problem, a denial of service can happen if those reference...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference. PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function base/PdfOutputStream.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or...