CVE-2026-40333 libgphoto2 has OOB read in ptp_unpack_EOS_ImageFormat() and ptp_unpack_EOS_CustomFuncEx() due to missing length parameter in ptp-pack.c

libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer but no length parameter, performing unbounded reads. Their callers in ptpunpackEOSevents have xsize available but never pass it, leaving both...

PT-2023-36042 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the pack unpack function, mrb pack unpack function, and mrb vm exec function...

CVE-2017-16869

CVE-2017-16869 concerns UPX 3.94 where p_mach.cpp (in the canPack and unpack paths) can be triggered by a crafted Mach-O file to cause a denial of service via an invalid memory access, with the vendor stating there is no security implication. SUSE/Security entries reiterate the affected UPX 3.94 ...

RHEL 2.1 : php (RHSA-2005:031)

Updated php packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A double-free bug was found in the deserialization code of PHP. PHP applications use the unserialize...