CVE-2026-39856

osslsigncode (before 2.13) has an out-of-bounds read in PE page-hash calculation (pe_page_hash_calc) when processing PE sections. The code uses PointerToRawData and SizeOfRawData from section headers without ensuring the referenced region lies within the mapped file, allowing an attacker to craft...

CVE-2026-39856 osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...

CVE-2026-39856 osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...

elfintils 'elflint.c' file denial of service vulnerability

elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A security vulnerability exists in the elflint.c file in elfutils version 0.168. Since the program fails to validate the number of sections and segments. A remote attacker could cause a denial of...

Piwigo Remote File Inclusion Vulnerability (CNVD-2017-00112)

Piwigo is a web-based photo album software from the Piwigo team. The software supports photo publishing, management, multiple browsing options categories, tags, time and more. A security vulnerability exists in the admin/plugin.php file in Piwigo 2.8.3 and earlier versions, which stems from the...