CVE-2021-40985 — A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_... · QSearch CVE Watch

Severity and scoring

Vendor	Product
debian	debian_linux, htmldoc
htmldoc_project	debian_linux, htmldoc

A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.

Source: NVD

Same vendor

CVE-2026-49975 — Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP ... (7.5 HIGH)
CVE-2026-31431 — In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly r... (7.8 HIGH)
CVE-2026-4775 — A flaw was found in the libtiff library (7.8 HIGH)
CVE-2026-3497 — Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions (7.5 HIGH)
CVE-2026-2219 — It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the dat... (7.5 HIGH)

Same CWE

CVE-2026-4367 — A flaw was found in libXpm (5.5 MEDIUM)
CVE-2026-47963 — DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive me... (5.5 MEDIUM)
CVE-2026-47934 — DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive me... (5.5 MEDIUM)
CVE-2026-47927 — DNG SDK versions 1.7.1 2536 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive me... (5.5 MEDIUM)
CVE-2026-47748 — stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (5.5 MEDIUM)