14 matches found
BIT-JAVA-2024-47596 GHSL-2024-244: GStreamer has an OOB-read in FOURCC_SMI_ parsing
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemux_parse_svq3_stsd_data function within qtdemux.c. In the FOURCC_SMI_ case, seqh_size is read from the input file without proper validation. If seqh_size is greater than the remaining...
CVE-2026-21375
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
CVE-2026-21376
CVE-2026-21376: Memory corruption occurs when an output buffer is accessed during IOCTL processing in a camera sensor driver without validating its size. Root cause is missing validation of the output buffer size. Documented impact includes high confidentiality, integrity, and availability conce...
CVE-2026-21373
CVE-2026-21373 describes memory corruption in the camera subsystem occurring when an IOCTL path accesses an output buffer without validating its size. This leads to a potential buffer over-read/overflow, as indicated by the NVD entry. The CVSS v3.1 vector shows a HIGH impact with local attack vec...
PT-2026-30646
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
GO-2026-4675 Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill
Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing in github.com/anchore/quill...
CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...
CVE-2026-31961
CVE-2026-31961 Quill: The Go-based Quill tool before v0.7.1 is vulnerable to unbounded memory allocation when parsing Mach-O binaries. The code signs/notarizes macOS binaries and reads LC_CODE_SIGNATURE fields (DataSize, DataOffset, Size, SuperBlob, BlobIndex, Length) without validating these va...
EUVD-2026-11329
Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing...
PT-2022-1355 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.10. Description: The issue is related to the RNDIS USB gadget in the Linux kernel, which lacks validation of the size of the RNDIS_MSG_SET command. This can allow attackers to obtain sensitive information fr...
UBUNTU-CVE-2019-10723
An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated...
Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS). An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated. Details: Denial of Service (DoS)...
guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service
A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service...
DEBIAN-CVE-2018-6381
In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of...