CVE-2026-40334

A flaw was found in libgphoto2, a camera access and control library. A missing null terminator in the ptpunpackCanonFE function, when processing a specially crafted 13-byte filename, can lead to an out-of-bounds read. This vulnerability may allow a local attacker with physical access to cause...

Linux Distros Unpatched Vulnerability : CVE-2026-40334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, a missing null terminator exists in ptpunpackCanonFE in...

PT-2026-33524

Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34 Description A missing null terminator exists in the ptp unpack Canon FE function within the camlibs/ptp2/ptp-pack.c file. The function uses strncpy to copy a filename into a 13-byte buffer without ensuring t...

CVE-2026-2239

A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the freadpascalstring function when processing a specially crafted PSD Photoshop Document file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read whe...

CVE-2026-23749 Golioth Firmware SDK < 0.22.0 Blockwise Transfer Path Out-of-Bounds Read

Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to improper null termination of a blockwise transfer path. blockwisetransferinit accepts a path whose length equals CONFIGGOLIOTHCOAPMAXPATHLEN and copies it using strncpy without...

httpd: mod_macro: out-of-bounds read vulnerability

A flaw was found in the modmacro module of httpd. When processing a very long macro, the null byte terminator will not be added, leading to an out-of-bounds read, resulting in a crash...

PT-2023-17818 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In the parse printerAttributes function of ipphelper.c, there is a possible out of bounds read due to a string without a null-terminator. This could lead to remote information disclosure with no...

SUSE CVE-2014-5355

MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string or 2 cause a denial of service...

SUSE CVE-2018-11362

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character...

ALPINE-CVE-2018-11362

In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing '\0' character...

UBUNTU-CVE-2014-5355

MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string or 2 cause a denial of service...

DEBIAN-CVE-2013-0179

The processbindelete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service segmentation fault via a request to delete a key, which does not account for the lack of a null terminator in the ke...

DEBIAN-CVE-2013-7290

The doitemget function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service segmentation fault via a request to delete a key, which does not account for the lack of a null terminator in the key and...