EUVD-2026-31201

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

DEBIAN-CVE-2026-9149

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative size values in the repoaddsolv function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could...

UBUNTU-CVE-2016-4009

Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow...

DEBIAN-CVE-2010-2806

Array index error in the t42parsesfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based...