54491 matches found
EulerOS 2.0 SP15 : openjpeg2 (EulerOS-SA-2026-2454)
According to the versions of the openjpeg2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library...
SUSE SLES15 Security Update : haproxy (SUSE-SU-2026:2651-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2651-1 advisory. This update for haproxy fixes the following issues: CVE-2026-55203: integer overflow vulnerability in the fcgi_conn structure's drl field that...
SUSE SLES15 Security Update : haproxy (SUSE-SU-2026:2652-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2652-1 advisory. This update for haproxy fixes the following issues: CVE-2026-55203: integer overflow vulnerability in the fcgi_conn structure's drl field that...
EulerOS 2.0 SP15 : openjpeg2 (EulerOS-SA-2026-2495)
According to the versions of the openjpeg2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library...
JLSEC-2026-652 FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common...
FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...
CVE-2026-53021
A flaw was found in the Linux kernel's SCSI target core. The sbc_execute_unmap function, which handles UNMAP operations, is vulnerable to an integer overflow. This vulnerability occurs because the bounds check for the Logical Block Address (LBA) and range does not prevent a 64-bit overflow. An attack...
CVE-2026-30041
An integer overflow in the PSD parser component of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via supplying a crafted PSD file...
EUVD-2026-39583
Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
RHEL 9 : postgresql (RHSA-2026:29904)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:29904 advisory. PostgreSQL is an advanced object-relational database management system (DBMS). Security Fixes: postgresql: PostgreSQL: Operating system accou...
EUVD-2026-31400
golang.org/x/crypto/ssh vulnerable to infinite loop on large channel writes...
DEBIAN-CVE-2026-13281
Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
CVE-2026-13281
Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
CVE-2026-53059
A flaw was found in the Linux kernel's device-mapper log (dm log) component. A local attacker could exploit an integer overflow vulnerability where a 64-bit value is truncated to 32 bits, leading to undersized memory allocations. This allows for out-of-bounds writes to kernel memory during log...
JLSEC-2026-629 Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token...
Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended...
poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication
A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...
Important: Red Hat Security Advisory: poppler security update
An update for poppler is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
CVE-2026-54679
CVE-2026-54679 affects the jq tool prior to version 1.8.2 on 32-bit systems. The vulnerability is in jvp_string_append where an integer overflow could trigger a massive buffer overrun, with a local attack vector and potential high impact on availability as described in the CVE. The issue is fixed...
CVE-2026-54679
jq is a command-line JSON processor. Prior to 1.8.2, on 32-bit systems, jvp_string_append has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...