Total
14152 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2681 | 1 Supranational | 1 Blst | 2026-04-18 | 5.3 Medium |
| A flaw was found in the blst cryptographic library. This out-of-bounds stack write vulnerability, specifically in the blst_sha256_bcopy assembly routine, occurs due to a missing zero-length guard. A remote attacker can exploit this by providing a zero-length salt parameter to key generation functions, such as blst_keygen_v5(), if the application exposes this functionality. Successful exploitation leads to memory corruption and immediate process termination, resulting in a denial-of-service (DoS) condition. | ||||
| CVE-2026-26200 | 1 Hdfgroup | 1 Hdf5 | 2026-04-18 | 7.8 High |
| HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operating systems. Real-world exploitability of this issue in terms of remote-code execution is currently unknown. Version 1.14.4-2 fixes the issue. | ||||
| CVE-2026-2045 | 1 Gimp | 1 Gimp | 2026-04-18 | 7.3 High |
| GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28265. | ||||
| CVE-2026-2047 | 1 Gimp | 1 Gimp | 2026-04-18 | 7.8 High |
| GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICNS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28530. | ||||
| CVE-2026-2048 | 1 Gimp | 1 Gimp | 2026-04-18 | 7.8 High |
| GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28591. | ||||
| CVE-2026-24497 | 2 Simtech Systems, Thinkwise | 2 Thinkwise, Thinkwise | 2026-04-18 | 9.8 Critical |
| Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion.This issue affects ThinkWise: from 7 through 23. | ||||
| CVE-2026-21501 | 2 Color, Internationalcolorconsortium | 2 Iccdev, Iccdev | 2026-04-18 | 5.5 Medium |
| iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to stack overflow in the calculator parser. This issue has been patched in version 2.3.1.2. | ||||
| CVE-2026-22046 | 2 Color, Internationalcolorconsortium | 2 Iccdev, Iccdev | 2026-04-18 | 8.8 High |
| iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccProfileXml::ParseBasic()` at `IccXML/IccLibXML/IccProfileXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available. | ||||
| CVE-2026-21869 | 1 Ggml | 1 Llama.cpp | 2026-04-18 | 8.8 High |
| llama.cpp is an inference of several LLM models in C/C++. In commits 55d4206c8 and prior, the n_discard parameter is parsed directly from JSON input in the llama.cpp server's completion endpoints without validation to ensure it's non-negative. When a negative value is supplied and the context fills up, llama_memory_seq_rm/add receives a reversed range and negative offset, causing out-of-bounds memory writes in the token evaluation loop. This deterministic memory corruption can crash the process or enable remote code execution (RCE). There is no fix at the time of publication. | ||||
| CVE-2026-21897 | 1 Nasa | 1 Cryptolib | 2026-04-18 | 7.3 High |
| CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the Crypto_Config_Add_Gvcid_Managed_Parameters function only checks whether gvcid_counter > GVCID_MAN_PARAM_SIZE. As a result, it allows up to the 251st entry, which causes a write past the end of the array, overwriting gvcid_counter located immediately after gvcid_managed_parameters_array[250]. This leads to an out-of-bounds write, and the overwritten gvcid_counter may become an arbitrary value, potentially affecting the parameter lookup/registration logic that relies on it. This issue has been patched in version 1.4.3. | ||||
| CVE-2026-0822 | 1 Quickjs-ng | 1 Quickjs | 2026-04-18 | 6.3 Medium |
| A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The identifier of the patch is 53eefbcd695165a3bd8c584813b472cb4a69fbf5. To fix this issue, it is recommended to deploy a patch. | ||||
| CVE-2026-21304 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-04-18 | 7.8 High |
| InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21277 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-04-18 | 7.8 High |
| InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21281 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-04-18 | 7.8 High |
| InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21305 | 1 Adobe | 1 Substance 3d Painter | 2026-04-18 | 7.8 High |
| Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21298 | 1 Adobe | 1 Substance 3d Modeler | 2026-04-18 | 7.8 High |
| Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21299 | 1 Adobe | 1 Substance 3d Modeler | 2026-04-18 | 7.8 High |
| Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-22852 | 1 Freerdp | 1 Freerdp | 2026-04-18 | 9.8 Critical |
| FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash. This vulnerability is fixed in 3.20.1. | ||||
| CVE-2026-0959 | 1 Wireshark | 1 Wireshark | 2026-04-18 | 5.3 Medium |
| IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | ||||
| CVE-2026-0961 | 1 Wireshark | 1 Wireshark | 2026-04-18 | 5.5 Medium |
| BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service | ||||