83 matches found
CVE-2026-32945 PJSIP is vulnerable to Heap-based Buffer Overflow through DNS parser
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
EUVD-2026-13519
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2026-32945
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a Heap-based Buffer Overflowvulnerability in the DNS parser's name length handler. Thisimpacts applications using PJSIP's built-in DNS resolver, such as those configured with...
CVE-2006-10002
XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in Expat.xs could overflow the XML input buffer because Perl's read returns decoded characters while SvPV gives...
CVE-2006-10002
XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption double free or corruption and crashes. A :utf8 PerlIO layer, parsestream in Expat.xs could overflow the XML input buffer because Perl's read returns decoded characters while SvPV gives...
CVE-2026-3081
GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
GHSA-F269-VFMQ-VJVJ Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client
Impact A server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. Patches Patched in the undici version v7.24.0 and v6.24....
Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-011 (ALASGIMP-2026-011)
The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-011 advisory. GIMP: PSD loader: heap-buffer-overflow in freadpascalstring no null terminator CVE-2026-2239 An integer overflow...
SUSE-SU-2026:0604-1 Security update for gimp
This update for gimp fixes the following issues: - CVE-2026-2272: integer overflow in ICO file handling can lead to a heap buffer overflow bsc1258000. - CVE-2026-2271: integer overflow in the PSP file parser can lead to a heap buffer overflow bsc1257999. - CVE-2026-2239: missing null terminator...
MiracleLinux 8 : dotnet3.1-3.1.417-1.el8.ML.1 (AXSA:2022-3098:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3098:04 advisory. dotnet: ASP.NET Denial of Service via FormPipeReader CVE-2022-24464 dotnet: double parser stack buffer overrun CVE-2022-24512 brotli: buffer overflo...
MiracleLinux 8 : dotnet5.0-5.0.212-1.el8.ML.1 (AXSA:2022-3097:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3097:08 advisory. dotnet: ASP.NET Denial of Service via FormPipeReader CVE-2022-24464 dotnet: double parser stack buffer overrun CVE-2022-24512 brotli: buffer overflo...
MiracleLinux 8 : grub2-2.02-90.1.0.1.el8 (AXSA:2021-1565:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1565:02 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod...
Elastic Beats filebeat 7.0.x < 8.19.9 / 9.0.x < 9.1.9 / 9.2.x 9.2.3 Multiple Vulnerabilities
The version of Elastic Beats filebeat installed on the remote host is 7.0.x prior to 8.19.9, 9.0.x prior to 9.1.9, 9.2.x prior to 9.2.3. It is, therefore, affected by multiple vulnerabilities. - Improper Bounds Check CWE-787 in Packetbeat can allow a remote unauthenticated attacker to exploit a...
SUSE-SU-2026:0013-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2025-65955: possible use-after-free/double-free in Options::fontFamily when clearing a family can lead to crashes or memory corruption bsc1254435. - CVE-2025-66628: possible integer overflow in the TIM image parser's ReadTIMImage...
SUSE SLES15 / openSUSE 15 Security Update : mozjs52 (SUSE-SU-2025:4512-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4512-1 advisory. - CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 - CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 -...
ImageMagick < 7.1.2-10 Integer Overflow (GHSA-6hjr-v6g4-3fm8)
The remote Windows host has a version of ImageMagick installed that is prior to 7.1.2-10. It is, therefore, affected by an integer overflow vulnerability. ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM PSX TIM image parse...
CVE-2025-65803
An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service DoS via supplying a crafted PSD file...
Debian dsa-6065 : krita - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6065 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6065-1 [email protected] https://www.debian.org/security/...
EUVD-2008-2543
Malware in sbrugna...
CVE-2025-59149
Suricata (Open Information Security Foundation) 8.0.0 is affected by a vulnerability in rules that use ldap.responses.attribute_type with transforms, causing a stack buffer overflow during startup or rule reload. The issue is fixed in version 8.0.1. Workarounds include disabling rules that use ld...