JLSEC-2026-455 Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer...

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when...

Linux Distros Unpatched Vulnerability : CVE-2026-20031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS conditi...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : clamav (SUSE-SU-2026:1325-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1325-1 advisory. Update to clamav 1.5.2: Security issue: - CVE-2026-20031: improper error handling in the HTML CSS module...

Medium: rust-cargo-c

Issue Overview: A flaw in the gix-date library can generate invalid non-UTF8 strings, leading to undefined behavior when processed. The most likely impact from a successful attack is to data integrity, by the malicious data being able to corrupt data being hold in memory and to system availabilit...

CVE-2026-0810

A flaw was found in gix-date. The gixdate::parse::TimeBuf::asstr function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the TimeBuf component, leading to undefined behavior when these malformed strings are subsequently processed...

SUSE CVE-2025-10543

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

CVE-2025-10543

A flaw was found in paho.mqtt.golang. This vulnerability allows data leakage and packet corruption via malformed UTF-8 Unicode Transformation Format - 8-bit encoded strings exceeding 65535 bytes due to an integer overflow. Mitigation Mitigation for this issue is either not available or the...

EUVD-2025-200211

Eclipse Paho Go MQTT may incorrectly encode strings if length exceeds 65535 bytes...

GHSA-32FW-GQ77-F2F2 Eclipse Paho Go MQTT may incorrectly encode strings if length exceeds 65535 bytes

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

CVE-2025-10543

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

PT-2025-48653

In Eclipse Paho Go MQTT v3.1 library paho.mqtt.golang versions =1.5.0 UTF-8 encoded strings, passed into the library, may be incorrectly encoded if their length exceeds 65535 bytes. This may lead to unexpected content in packets sent to the server for example, part of an MQTT topic may leak into...

CVE-2015-4041: Denial of service (heap-based buffer overflow and application crash) in GNU Coreutils

Security Advisory ID : BSA-2022-1407 Component : GNU Coreutils Revision : 1.0 The keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers ...

USN-2982-1 libksba vulnerabilities

Hanno Böck discovered that Libksba incorrectly handled decoding certain BER data. An attacker could use this issue to cause Libksba to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2016-4353 Hanno Böck discovered that Libksba...

10gen MongoDB Denial of Service Vulnerability

10gen MongoDB is a set of open source NoSQL database from the American company 10gen. A security vulnerability exists in 10gen MongoDB that allows remote attackers to submit BSON requests that specifically contain UTF-8 strings for denial of service attacks...