CVE-2026-35170

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in BitParser::parseHeader that allows out-of-bounds heap memory access when parsing a crafted .bit file. No FPGA hardware is required to trigger this vulnerability...

CVE-2026-35170

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in BitParser::parseHeader that allows out-of-bounds heap memory access when parsing a crafted .bit file. No FPGA hardware is required to trigger this vulnerability...

CVE-2026-35170 openFPGALoader has a heap buffer overflow in BitParser::parseHeader() via crafted .bit file

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in BitParser::parseHeader that allows out-of-bounds heap memory access when parsing a crafted .bit file. No FPGA hardware is required to trigger this vulnerability...

CVE-2026-35170

Summary: CVE-2026-35170 affects openFPGALoader up to version 1.1.1. The issue is a heap-buffer-overflow in BitParser::parseHeader() when processing a crafted .bit file, enabling out-of-bounds heap memory access without requiring FPGA hardware. The available documents identify the vulnerability an...

EUVD-2026-19444

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in BitParser::parseHeader that allows out-of-bounds heap memory access when parsing a crafted .bit file. No FPGA hardware is required to trigger this vulnerability...

PT-2026-30709

openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in BitParser::parseHeader that allows out-of-bounds heap memory access when parsing a crafted .bit file. No FPGA hardware is required to trigger this vulnerability...

EUVD-2006-6923

Malware in sbrugna...

HTTP Request Smuggling

Tomcat Coyote is vulnerable to http request smuggling. The vulnerability exists in the parseHeader function of Http11InputBuffer.java because tomcat doesn't properly reject the requests containing invalid Content-Length headers which allows an attacker to smuggle HTTP requests...

Denial Of Service (DoS)

dicer is vulnerable to denial of service. The vulnerability exists in parseHeader function in HeaderParser.js due to the use of a variable h which allows an attacker to modify and send the form to server and crash the service...

openthread/ip6-send-fuzzer: Index-out-of-bounds in ot::Coap::Message::ParseHeader

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5162663452082176 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type:...

librawspeed: Crash in rawspeed::MrwDecoder::parseHeader

Project: https://github.com/darktable-org/rawspeed.git Detailed report: https://oss-fuzz.com/testcase?key=5479496968830976 Project: librawspeed Fuzzer: afllibrawspeedRawSpeedFuzzer Fuzz target binary: RawSpeedFuzzer Job Type: aflasanlibrawspeed Platform Id: linux Crash Type: UNKNOWN READ Crash...

CVE-2006-6940

Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA pop2owa 1.1.3 allows remote attackers to execute arbitrary code via a long header in an e-mail message...

CVE-2006-6940

Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA pop2owa 1.1.3 allows remote attackers to execute arbitrary code via a long header in an e-mail message...