EUVD-2026-32542

go-git is an extensible git implementation library written in pure Go. Prior to 5.19.0 and 6.0.0-alpha.3, go-git may parse malformed Git objects in a way that differs from upstream Git. When commit or tag objects contain ambiguous or malformed headers, go-git’s decoded representation may expose...

kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix geneveopt type confusion addition When handling multiple NFTATUNNELKEYOPTSGENEVE attributes, the parsing logic should place every geneveopt structure one by one compactly. Hence, when deciding the next...

A potential Denial of Service issue in protobuf-java

Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Reporter: OSS-Fuzz Affected versions: All versions of Java Protobufs including Kotlin and JRuby prior to the versions listed below. Protobuf "javalite" users typically Android are...

CVE-2021-41535

A vulnerability has been identified in NX 1953 Series All versions V1973.3700, NX 1980 Series All versions V1988, Solid Edge SE2021 All versions SE2021MP8. The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to...

Siemens Solid Edge 资源管理错误漏洞

Solid Edge is a 3D CAD, parametric feature and synchronous technology solid modeling software. versions prior to Siemens Solid Edge SE2021MP8 contain a post-release reuse vulnerability when parsing OBJ files. An attacker could exploit this vulnerability to execute code in the context of the curre...

Microsoft Edge - Chakra Incorrectly Parses Object Patterns

function f a: b = 0x1111, c = 0x2222, .c = 0x3333 = ; f;...

Microsoft Office Publisher /Word DoS

Crash on malformed .pub file with WordArt object parsing...