44 matches found
freerdp: FreeRDP heap-buffer-overflow
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...
freerdp: FreeRDP heap-buffer-overflow
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...
freerdp: FreeRDP heap-buffer-overflow
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...
freerdp: FreeRDP heap-buffer-overflow
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...
freerdp: FreeRDP heap-buffer-overflow
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...
CVE-2026-24807
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via improper validation in the SeekableOutputStream process. An attacker can cause memory corruption or execute arbitrary code by providing specially crafted PNG files. Remediation A fix was pushed into th...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop via the NoCloseOutputStream process. An attacker can cause the application to enter an infinite loop and exhaust system resources by sending specially crafted input to the affected stream writer. Remediation A fix was push...
Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects all versions...
CVE-2026-24807 Buffer Overflow Vulnerability in liuyueyi/quick-media
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...
CVE-2026-24807 Buffer Overflow Vulnerability in liuyueyi/quick-media
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...
CVE-2026-24807
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...
EUVD-2026-4759
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...
CVE-2026-24807
CVE-2026-24807 affects liuyueyi quick-media (before v1.0), specifically the SeekableOutputStream.java path under plugins/svg-plugin/batik-codec-fix. The issue is described as Improper Verification of Cryptographic Signature, with root cause in verification flow, and multiple feeds show impact var...
PT-2026-4882
Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media:...
PT-2026-2932
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description A heap-buffer-overflow can occur in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound. This allows an oversized re...
Missing Authentication for Critical Function
Overview talkpipe is a Python internal and external DSL for writing generative AI analytics Affected versions of this package are vulnerable to Missing Authentication for Critical Function due to the CORS middleware, which allowed requests from any origin , without needing to provide any form of...
Linux Distros Unpatched Vulnerability : CVE-2019-3557
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The implementations of streams for bz2 and php://output improperly implemented their readImpl functions, returning -1 consistently. This behavior caused some...
Linux Distros Unpatched Vulnerability : CVE-2023-6865
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EncryptingOutputStream was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have...
org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files
A flaw was found in Apache CXF. In some edge cases with large data stream caching, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system and trigger a denial of service...