6849 matches found
CVE-2026-2245 CCExtractor MPEG-TS File ts_tables.c parse_PMT out-of-bounds
A vulnerability was identified in CCExtractor up to 183. This affects the function parsePAT/parsePMT in the library src/libccx/tstables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...
CVE-2026-24682
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audinserverrecvformats frees an incorrect number of audio formats on parse failure i + i, leading to out-of-bounds access in audioformatsfree. This vulnerability is fixed in 3.22.0...
CVE-2026-24682
CVE-2026-24682 affects FreeRDP prior to 3.22.0, where audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), causing an out-of-bounds access in audio_formats_free. Alpine and Debian advisories corroborate the same description. The issue is fixed in version ...
CVE-2026-24682 FreeRDP has a Heap-buffer-overflow in audio_formats_free
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audinserverrecvformats frees an incorrect number of audio formats on parse failure i + i, leading to out-of-bounds access in audioformatsfree. This vulnerability is fixed in 3.22.0...
CVE-2026-24682 FreeRDP has a Heap-buffer-overflow in audio_formats_free
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audinserverrecvformats frees an incorrect number of audio formats on parse failure i + i, leading to out-of-bounds access in audioformatsfree. This vulnerability is fixed in 3.22.0...
CVE-2026-24682
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audinserverrecvformats frees an incorrect number of audio formats on parse failure i + i, leading to out-of-bounds access in audioformatsfree. This vulnerability is fixed in 3.22.0...
CVE-2026-24682 FreeRDP has a Heap-buffer-overflow in audio_formats_free
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audinserverrecvformats frees an incorrect number of audio formats on parse failure i + i, leading to out-of-bounds access in audioformatsfree. This vulnerability is fixed in 3.22.0...
OSV-2026-209 Use-of-uninitialized-value in ntrip_parse_url
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482281265 Crash type: Use-of-uninitialized-value Crash state: ntripparseurl FuzzClient.c...
PT-2026-7150
Name of the Vulnerable Software and Affected Versions Axios versions prior to 1.13.5 Description The mergeConfig function in the Axios library is susceptible to crashing when processing configuration objects that include proto as an own property. An attacker can exploit this by sending a speciall...
Security Bulletin: qs parse module DoS vulnerability: arrayLimit bypass via bracket notation allows memory exhaustion (qs < 6.14.1)
Summary An input validation flaw in qs 6.14.1 allows attackers to bypass arrayLimit using bracket notation a=x, leading to unauthenticated HTTP denial-of-service via memory exhaustion. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse...
OSV-2026-203 Segv on unknown address in glslang::TIntermediate::addSymbol
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481635421 Crash type: Segv on unknown address Crash state: glslang::TIntermediate::addSymbol glslang::HlslParseContext::handleFunctionCall glslang::HlslParseContext::transformEntryPoint...
Linux Distros Unpatched Vulnerability : CVE-2025-58190
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an...
AZL-76880 CVE-2025-58190 affecting package cf-cli 8.7.11-4
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76913 CVE-2025-58190 affecting package containerized-data-importer 1.62.0-1
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-77102 CVE-2025-58190 affecting package telegraf 1.31.0-12
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76827 CVE-2025-58190 affecting package cert-manager for versions less than 1.11.2-27
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-77093 CVE-2025-58190 affecting package sriov-network-device-plugin 3.7.0-4
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76988 CVE-2025-58190 affecting package influxdb 2.7.5-10
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76889 CVE-2025-58190 affecting package cloud-provider-kubevirt 0.5.1-2
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...
AZL-76811 CVE-2025-58190 affecting package yq 4.45.1-1
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...