28 matches found

OSV
added 2026/05/07 2:50 p.m. · 3 views

JLSEC-2026-459

FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FTRequestSize...

CVSS 7.5 · AI score 5.8 · EPSS 0.00152
Exploits: 1 · References: 16

CNNVD
added 2026/04/18 12:00 a.m. · 3 views

Little CMS security vulnerability

Little CMS (also known as lcms or liblcms) is an open-source color management system developed by Marti Maria. This system offers features such as black-point compensation, processing of various pixel formats, and configuration file editing. Versions of Little CMS prior to 2.18 contained a security...

CVSS 7.5 · AI score 5.8 · EPSS 0.00045
Exploits: 1 · References: 1

NVD
added 2026/04/03 5:16 p.m. · 2 views

CVE-2026-5474

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

CVSS 8.8 · EPSS 0.0002
Exploits: 0 · References: 5

Positive Technologies
added 2026/03/16 12:00 a.m. · 4 views

PT-2026-25842

DiceBear is an avatar library for designers and developers. Prior to version 9.4.0, the ensureSize function in @dicebear/converter read the width and height attributes from the input SVG to determine the output canvas size for rasterization (PNG, JPEG, WebP, AVIF). An attacker who can supply a...

CVSS 7.5 · AI score 5.8 · EPSS 0.00063
Exploits: 0 · References: 8

OSV
added 2025/12/09 11:38 a.m. · 3 views

BIT-FLUENT-BIT-2025-29478

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfllistsize in cfllist.h:165...

CVSS 5.5 · AI score 6.5 · EPSS 0.00521
Exploits: 1 · References: 2

Positive Technologies
added 2025/11/19 12:00 a.m. · 3 views

PT-2025-47429

The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.3 via the 'get image size by url' function. This is due to insufficient validation of user-supplied URLs when determining image dimensions for gallery item...

CVSS 5.4 · AI score 5.8 · EPSS 0.00049
Exploits: 0 · References: 8

Tenable Nessus
added 2025/08/27 12:00 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-23269

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in gpac 0.8.0. The stblGetSampleSize function in isomedia/stblread.c has a heap-based buffer overflow which can lead to a denial of...

CVSS 5.5 · AI score 5.9 · EPSS 0.00161
Exploits: 1 · References: 2

RedhatCVE
added 2025/05/22 8:20 a.m. · 3 views

CVE-2019-17528

An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4Processor::ProcessFragments in Core/Ap4Processor.cpp...

CVSS 7.5 · AI score 6.9 · EPSS 0.00403
Exploits: 1 · References: 1

OSV
added 2024/07/10 6:33 a.m. · 0 views

GHSA-VJPV-X8P9-7P85 images vulnerable to Denial of Service

All versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpected input types to several different functions. This makes it possible to reach an assert macro, leading to a process crash. Note: By providing some specific integer values like 0 to the size...

CVSS 8.7 · AI score 5.9 · EPSS 0.00216
Exploits: 0 · References: 5

Positive Technologies
added 2024/07/10 12:00 a.m. · 2 views

PT-2024-18937 · Images · Images

Name of the Vulnerable Software and Affected Versions: package images (affected versions not specified). Description: The issue is related to providing unexpected input types to several different functions, which can lead to a process crash due to reaching an assert macro. Specifically, providing...

CVSS 8.7 · AI score 6.9 · EPSS 0.00216
Exploits: 0 · References: 10

OSV
added 2024/02/14 3:15 p.m. · 0 views

CVE-2024-25224

A cross-site scripting (XSS) vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Size Number parameter under the Add Size function...

CVSS 5.4 · AI score 5.9
Exploits: 0 · References: 1

NVD
added 2024/02/14 3:15 p.m. · 10 views

CVE-2024-25224

A cross-site scripting (XSS) vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Size Number parameter under the Add Size function...

CVSS 5.4 · AI score 5.6 · EPSS 0.00142
Exploits: 1 · References: 1

Cvelist
added 2024/02/14 12:00 a.m. · 10 views

CVE-2024-25224

A cross-site scripting (XSS) vulnerability in Simple Admin Panel App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Size Number parameter under the Add Size function...

AI score 5.7 · EPSS 0.00142
Exploits: 1 · References: 1

Positive Technologies
added 2024/02/14 12:00 a.m. · 1 view

PT-2024-20835 · Unknown · Simple Admin Panel

Name of the Vulnerable Software and Affected Versions: Simple Admin Panel App version 1.0. Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Size Number parameter under the Add Size function...

CVSS 5.4 · AI score 5.3 · EPSS 0.00142
Exploits: 1 · References: 6

Positive Technologies
added 2023/11/01 12:00 a.m. · 2 views

PT-2023-6819 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev605-gfc9e29089-master. Description: The issue is related to a heap-buffer-overflow in the gf isom use compact size function of the GPAC multimedia platform. This can be exploited to cause a denial of service. The...

CVSS 5.5 · AI score 6.6 · EPSS 0.00083
Exploits: 0 · References: 19

OSV
added 2023/09/28 2:15 p.m. · 3 views

AZL-31095 CVE-2023-5215 affecting package libnbd for versions less than 1.12.1-3

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that don't treat the return value of the nbdgetsize function...

CVSS 6.5 · AI score 5.7 · EPSS 0.00047
Exploits: 1 · References: 1

OSV
added 2023/09/28 2:15 p.m. · 1 view

UBUNTU-CVE-2023-5215

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that don't treat the return value of the nbdgetsize function...

CVSS 6.5 · AI score 6.5 · EPSS 0.00047
Exploits: 1 · References: 4

Positive Technologies
added 2023/09/28 12:00 a.m. · 1 view

PT-2023-9291 · Libnbd +5 · Libnbd +5

Name of the Vulnerable Software and Affected Versions: libnbd (affected versions not specified). Description: A flaw was found in libnbd where a server can reply with a block size larger than 2^63, which is a 64-bit unsigned value according to the NBD spec. This issue could lead to an application...

CVSS 6.5 · AI score 6.4 · EPSS 0.00047
Exploits: 1 · References: 44

Vulnrichment
added 2022/10/28 12:00 a.m. · 3 views

CVE-2022-43281

wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector::size at /bits/stlvector.h...

AI score 7.9 · EPSS 0.00134
Exploits: 1 · References: 1

Positive Technologies
added 2022/09/16 12:00 a.m. · 2 views

PT-2022-23091 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.10.0; TensorFlow versions 2.9.1 and earlier; TensorFlow versions 2.8.1 and earlier; TensorFlow versions 2.7.2 and earlier. Description: The issue occurs when the SetSize function receives an input set shape that is...

CVSS 7.5 · AI score 7.7 · EPSS 0.00064
Exploits: 0 · References: 8