CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

CVE-2026-22259

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...

EUVD-2026-4784

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

CVE-2026-22258 Suricata DCERPC: unbounded fragment buffering leads to memory exhaustion

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

GHSA-8623-9FWR-4CXV Quick-Media Batik Codec FIX package has Code Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects all...

Quick-Media Batik Codec FIX package has Code Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules. This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects all...

GHSA-23F4-HFMQ-94MJ Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec

Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules. This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects all versions...

CVE-2026-1417

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...

Linux Distros Unpatched Vulnerability : CVE-2026-1484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the...

Linux Distros Unpatched Vulnerability : CVE-2026-22259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memo...

Linux Distros Unpatched Vulnerability : CVE-2026-22261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered i...

CVE-2026-1425

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-1425 pymumu SmartDNS SVBC Record dns.c _dns_decode_SVCB_HTTPS stack-based overflow

A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

EUVD-2026-4698

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

CVE-2026-1416

A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of the file applications/mp4box/filedump.c. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released...

Linux Distros Unpatched Vulnerability : CVE-2026-1415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gfmediaexportwebvttmetadata of the file src/mediatools/mediaexport.c. The...

Linux Distros Unpatched Vulnerability : CVE-2026-1425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function dnsdecoderrhead/dnsdecodeSVCBHTTPS of the file...

CVE-2026-1417

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...