CVE-2026-30985 iccDEV has a heap-based buffer overflow write in CIccMatrixMath::SetRange()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow write in CIccMatrixMath::SetRange causing memory corruption or crash. This vulnerability is fixed in 2.3.1.5...

PT-2026-24354

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.5 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. A heap-based buffer overflow write exists in the CIccMatrixMath::SetRange function, potentially leading to memo...

MiracleLinux 7 : php-5.4.16-48.0.12.el7.AXS7 (AXSA:2025-10958:11)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10958:11 advisory. CVE-2017-9228: fix heap out-of-bounds write in bitsetsetrange and parsecharclass functions CVEs: CVE-2017-9228 Tenable has extracted the preceding descripti...

CLSA-2025-1758896397 php: Fix of CVE-2017-9228

CVE-2017-9228: fix heap out-of-bounds write in bitsetsetrange and parsecharclass functions...

CLSA-2025-1758892974 php: Fix of CVE-2017-9228

CVE-2017-9228: fix heap out-of-bounds write in bitsetsetrange and parsecharclass functions...

SerenityOS 缓冲区错误漏洞

SerenityOS is a graphical Unix-like operating system for x86 computers. A stack buffer overflow vulnerability exists in the setrange test in TestBitmap in SerenityOS. An attacker can exploit this vulnerability to obtain sensitive information...

redis: Heap buffer overflow in HyperLogLog triggered by malicious client

A heap buffer overflow vulnerability was found in the Redis HyperLogLog data structure. By carefully corrupting a HyperLogLog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding into writing up to 3 bytes beyond the end of a heap-allocated buffer...

oniguruma: Out-of-bounds heap write in bitset_set_range()

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...

The vulnerability of the Oniguruma library, related to the use of an uninitialized variable, which allows for memory corruption to occur.

The vulnerability of the Oniguruma library arises from an incorrect change in the state of the parsecharclass function. This allows for the use of an uninitialized variable during writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...

The vulnerability of the Oniguruma library, which arises from the use of an uninitialized variable and allows for memory corruption to occur.

The vulnerability of the Oniguruma library arises from an improper change in the state of the parsecharclass function. This allows for the use of an uninitialized variable during writing to the buffer. Exploiting this vulnerability could enable a malicious actor to cause memory corruption by...

Oniguruma 'bitset_set_range()' function heap boundary write vulnerability

mbstring Multi-Byte String is a language encoding extension library in PHP PHP: Hypertext Preprocessor; Oniguruma-mod is a regular expression library in Ruby programming language.Oniguruma is one of the a regular expression engine. A security vulnerability exists in Oniguruma's 'bitsetsetrange'...

ALPINE-CVE-2017-9228

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...