13 matches found
CVE-2026-56306
Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by submitting malformed values, zero, or duplicate headers that result in NaN or falsy values. Remote attackers can manipulate the x-limited-key-id header ...
EUVD-2025-208239
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session-ncphdrbuf in pilotparsingncp causes a denial of service...
CVE-2025-62817
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of session-ncphdrbuf in pilotparsingncp causes a denial of service...
CVE-2025-21054
Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...
EUVD-2025-33678
Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...
CVE-2025-21053
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...
The vulnerability of the `gf_opus_parse_packet_header` function in the `media_tools/av_parsers.c` file, implemented by the MP4Box packaging tool for the GPAC multimedia platform, allows a hacker to trigger a service failure.
The vulnerability of the gfopusparsepacketheader function in the mediatools/avparsers.c file, belonging to the MP4Box packaging tool of the GPAC multimedia platform, is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow a remote attacker to cause a service...
RHEL 9 : python3.12 (RHSA-2024:8447)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8447 advisory. Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It...
CVE-2023-35950
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within the code responsibl...
GHSA-WM2M-XRRP-J74C HTTP Request Smuggling in netius
netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks...
Updated python-httplib2 packages fix a security vulnerability
A malicious server which responds with long series of \xa0 characters in the www-authenticate header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said server CVE-2021-21240...
UBUNTU-CVE-2021-3185
A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution...
DEBIAN-CVE-2020-28851
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. x/text/language is supposed to be able to parse an HTTP Accept-Language header...