CVE-2026-2517 Open5GS SMF types.c ogs_gtp2_parse_tft denial of service

A security flaw has been discovered in Open5GS up to 2.7.6. This vulnerability affects the function ogsgtp2parsetft in the library lib/gtp/v2/types.c of the component SMF. Performing a manipulation of the argument pf0.content.length results in denial of service. The attack is possible to be carri...

CVE-2025-71197 w1: therm: Fix off-by-one buffer overflow in alarms_store

In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarmsstore The sysfs buffer passed to alarmsstore is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byt...

JLSEC-2025-62 An issue was discovered in libexpat before 2.6.3

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

EUVD-2021-6871

Malicious code in bioql PyPI...

EUVD-2024-33837

Malicious code in bioql PyPI...

CVE-2025-7275

IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-6660

PDF-XChange Editor is affected by a GIF file parsing heap-based buffer overflow that leads to remote code execution. The flaw stems from insufficient validation of user-supplied GIF data before copying to a fixed-length heap buffer, allowing code execution in the current process. The CVE-2025-666...

CVE-2025-3481 MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The specif...

CVE-2025-2012 Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

Linux Distros Unpatched Vulnerability : CVE-2024-0444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary cod...

CVE-2025-1052

Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mintty. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

Tungsten Automation Power PDF 缓冲区错误漏洞

Tungsten Automation Power PDF Kofax Power PDF is a powerful PDF processing software from Tungsten Automation. A buffer error vulnerability exists in Tungsten Automation Power PDF, which stems from a PDF file parsing issue that includes an out-of-bounds read. An attacker who exploited this...

Tungsten Automation Power PDF 缓冲区错误漏洞

Tungsten Automation Power PDF Kofax Power PDF is a powerful PDF processing software from Tungsten Automation. Tungsten Automation Power PDF suffers from a buffer error vulnerability that stems from a PDF file parsing issue that includes an out-of-bounds write problem. An attacker could exploit th...

IrfanView DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files...

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

nbd buffer overflow vulnerability

nbd is a Linux kernel network block device tool. It is used to use remote block devices over TCP/IP networks. nbd versions prior to 3.24 of nbd-server suffer from a buffer overflow vulnerability that can be exploited by an attacker to cause a parsing buffer overflow in the name field by sending a...

SUSE-SU-2020:0114-1 Security update for python3

This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Waveread.readfmtchunk bsc1083507. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ bsc1149955. - CVE-2019-15903: Fixed a heap-based buffer over-read i...

Security update for dosbox (important)

openSUSE Security Update: Security update for dosbox Announcement ID: openSUSE-SU-2019:1920-1 Rating: important References: 1140254 Cross-References: CVE-2019-12594 CVE-2019-7165 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes two vulnerabilities is now available. Descriptio...

dhcpd buffer overrun

The specific flaw exists within the parsing of the DHCP options in a DHCP ACK packet. The vulnerability is triggered when the LENGTH of an option, when added to the current read position, exceeds the actual length of the DHCP options buffer. An attacker can leverage this vulnerability to execute...

CentOS Update for expat CESA-2009:1625 centos4 i386

Check for the Version of expat OpenVAS Vulnerability Test CentOS Update for expat CESA-2009:1625 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...