CVE-2026-1416 GPAC filedump.c DumpMovieInfo null pointer dereference

A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of the file applications/mp4box/filedump.c. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released...

EUVD-2026-4695

A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gfmediaexportwebvttmetadata of the file src/mediatools/mediaexport.c. The manipulation of the argument Name leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly available and...

CVE-2026-1415 GPAC media_export.c gf_media_export_webvtt_metadata null pointer dereference

A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gfmediaexportwebvttmetadata of the file src/mediatools/mediaexport.c. The manipulation of the argument Name leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly available and...

PT-2026-4718

A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gf media export webvtt metadata of the file src/media tools/media export.c. The manipulation of the argument Name leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly availab...

CVE-2026-1416

A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of the file applications/mp4box/filedump.c. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released...

Linux Distros Unpatched Vulnerability : CVE-2026-1417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This...

Linux Distros Unpatched Vulnerability : CVE-2026-1145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the function jstypedarrayconstructorta of the file quickjs.c. This...

CVE-2025-15536

A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made...

CVE-2025-15534

A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...

Astra Linux – Vulnerability in GhostScript

A vulnerability was discovered in Artifex GhostPDL, specifically at the address 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. This vulnerability has been classified as problematic. It affects the pdfferror function in the devices/vector/gdevpdf.c file, within the component named “New Output File Open...

EUVD-2026-1842

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

CVE-2025-20803

In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10199779; Issue ID: MSV-4504...

CVE-2025-20798

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5533...

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

CVE-2025-15418

A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function ogsgtp2parsebearerqos in the library lib/gtp/v2/types.c of the component Bearer QoS IE Length Handler. Performing a manipulation results in denial of service. The attack must be initiated fr...

CVE-2023-7331

A vulnerability was detected in PKrystian Full-Stack-Bank up to bf73a0179e3ff07c0d7dc35297cea0be0e5b1317. This vulnerability affects unknown code of the component User Handler. Performing manipulation results in sql injection. It is possible to initiate the attack remotely. This product is using ...

PT-2026-24938

A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svgin process of the file src/filters/load svg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit h...

CVE-2025-15155

A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function sgpipelinedescdefaults in the library sokolgfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now...

CVE-2025-15099

A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNALAPISECRET leads to improper authentication. It is possible to initiate t...

EUVD-2025-205425

A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNALAPISECRET leads to improper authentication. It is possible to initiate t...