USN-8337-1 qtsvg-opensource-src vulnerabilities

It was discovered that QtSvg incorrectly handled certain SVG images. An attacker could possibly use this issue to cause QtSvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2018-19869 It was discovered that QtSvg incorrectly handled certain SVG images. ...

Node.js: Node.js: Denial of Service due to crafted HTTP `__proto__` header

A flaw was found in Node.js. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request that includes a header named proto. When a Node.js application processes this request and attempts to access distinct headers, it encounters an unhandled error, leading to an...

PT-2026-26898

CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during t...

编号撤回

SoX is a suite of open source audio processing tools. The product supports playing, converting and recording audio in multiple formats. A numeric error vulnerability exists in SoX version 14.4.2, which originates from a divide-by-zero error when processing a specially crafted WAV file, and may...

CVE-2025-68469

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

About the security content of Safari 26.1

About the security content of Safari 26.1 This document describes the security content of Safari 26.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

EUVD-2019-5053

Malware in sbrugna...

EUVD-2017-14921

Malware in sbrugna...

EUVD-2024-0982

Malicious code in bioql PyPI...

Security update for jasper

This update for jasper fixes the following issues: CVE-2025-8835: missing range check in the JPEG-2000 JPC Encoder leads to assertion failure and crash when processing a malformed JPEG2000 image with an invalid cblkwidth parameter bsc1247904. CVE-2025-8836: out-of-bounds array indexing in functio...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the breakwordforoverflowwrap function when rendering a malformed EPUB document. An attacker can cause a crash by supplying a specially crafted EPUB file that triggers a null pointer dereference in the...

CVE-2025-43375

The CVE-2025-43375 entry is tied to Xcode 26 where a path-handling issue can cause a process crash when processing an overly large path value. Technical details across connected sources consistently cite the vulnerability in the Xcode 26 development tools and the fix implemented by Apple (improve...

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...

CVE-2024-47213

An issue was discovered affecting Enrich 5.1.0 and below. It involves sending a maliciously crafted Snowplow event to the pipeline. Upon receiving this event and trying to validate it, Enrich crashes and attempts to restart indefinitely. As a result, event processing would be halted...

CVE-2024-9481

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing...

CVE-2024-27831

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a file may lead to unexpected app terminati...

mutt: null pointer dereference

A null pointer dereference flaw was found in mutt when handling specially crafted characters. This issue could allow an attacker to send a specially crafted email that causes the email client to crash when reading or processing the email...

PT-2023-35862 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. The crash occurs in the IEC104Stats::processPacket function, which is called by...

USN-6110-1 Jhead vulnerabilities

It was discovered that Jhead did not properly handle certain crafted Canon images when processing them. An attacker could possibly use this issue to crash Jhead, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS...

SUSE CVE-2016-6235

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service segmentation fault via a crafted jpeg file...