GO-2026-4675 Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill

Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill...

CVE-2026-31961

CVE-2026-31961 Quill : The Go-based Quill tool before v0.7.1 is vulnerable to unbounded memory allocation when parsing Mach-O binaries. The code signs/notarizes macOS binaries and reads LC_CODE_SIGNATURE fields (DataSize, DataOffset, Size, SuperBlob, BlobIndex, Length) without validating these va...

CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

EUVD-2026-11329

Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing...

SUSE CVE-2023-39192

A flaw was found in the Netfilter subsystem in the Linux kernel. The xtu32 module did not validate the fields in the xtu32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a cra...

guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service...

guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service...

guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service...

DEBIAN-CVE-2017-6801

An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse in libytnef...

UBUNTU-CVE-2017-6801

An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse in libytnef...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

Errors in the code of Google Chrome’s libvpx library allow a malicious actor to cause service failures by initializing fields of negative size using specially crafted VP9 video frames...