Lucene search

1399 matches found

OSV
added 2025/11/07 10:30 a.m. | 1 views

SUSE-SU-2025:3985-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc#1252749...

CVSS 5.5 | AI score 5.8 | EPSS 0.00298
Exploits 1 | References 3
SUSE Linux
added 2025/11/07 10:30 a.m. | 3 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc#1252749 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS 5.8 | AI score 6.9 | EPSS 0.00298
Exploits 1 | References 4
Tenable Nessus
added 2025/11/07 12:0 a.m. | 2 views

SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2025:3956-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3956-1 advisory. - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process...

CVSS 5.5 | AI score 5.5 | EPSS 0.00298
Exploits 1 | References 4
Tenable Nessus
added 2025/11/07 12:0 a.m. | 2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ImageMagick (SUSE-SU-2025:3978-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3978-1 advisory. - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic a...

CVSS 5.5 | AI score 5.5 | EPSS 0.00298
Exploits 1 | References 4
OSV
added 2025/11/06 3:43 p.m. | 2 views

SUSE-SU-2025:3978-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2025-62594: Fixed unsigned underflow and division-by-zero that can lead to OOB pointer arithmetic and process crash. bsc#1252749...

CVSS 5.5 | AI score 6.8 | EPSS 0.00298
Exploits 1 | References 3
Tenable Nessus
added 2025/11/05 12:0 a.m. | 0 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990332 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits If the offset + lengt...

CVSS 7.8 | AI score 6 | EPSS 0.01944
Exploits 5 | References 4
RedHat Linux
added 2025/11/04 5:0 p.m. | 2 views

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup

A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...

CVSS 3.7 | AI score 5.9 | EPSS 0.00499
Exploits 0 | References 5
Github Security Blog
added 2025/10/27 11:33 p.m. | 8 views

ImageMagick CLAHE : Unsigned underflow and division-by-zero lead to OOB pointer arithmetic and process crash (DoS)

Summary: A single root cause in the CLAHE implementation — tile width/height becoming zero — produces two distinct but related unsafe behaviors. The vulnerabilities exist in the CLAHEImage function of ImageMagick’s MagickCore/enhance.c. 1. Unsigned integer underflow → out-of-bounds pointer arithmetic...

CVSS 5.5 | AI score 7.8 | EPSS 0.00298
Exploits 1 | References 4 | Affected Software 12
Tenable Nessus
added 2025/10/27 12:0 a.m. | 2 views

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38579)

crypto: bcm - Fix pointer arithmetic. In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

CVSS 5.5 | AI score 6.8 | EPSS 0.00256
Exploits 0 | References 2
CVE
added 2025/10/22 1:23 p.m. | 11 views

CVE-2022-50580

CVE-2022-50580 affects the Linux kernel’s blk-throttle code. A risk existed that in tg_with_in_bps_limit() the expression bps_limit * jiffy_elapsed_rnd could overflow. The fix substitutes a safe multiplication/division helper, calling mul_u64_u64_div_u64() to prevent overflow. Several sources (in...

AI score 6.6 | EPSS 0.00178
Exploits 0 | References 5
OSV
added 2025/10/21 9:54 p.m. | 2 views

GHSA-H5J3-CRG5-8JQM orx-pinned-vec has undefined behavior in index_of_ptr with empty slices

The safe function index_of_ptr causes undefined behavior when called with an empty slice. The issue occurs in the line ptr.add(slice.len() - 1) which underflows when slice.len() is 0, creating a pointer with a massive offset. According to Rust's safety rules, creating such a pointer causes immediate...

CVSS 5.1 | AI score 7.2
Exploits 0 | References 5
RustSec
added 2025/10/21 12:0 p.m. | 2 views

Undefined behavior in index_of_ptr with empty slices

The safe function index_of_ptr causes undefined behavior when called with an empty slice. The issue occurs in the line ptr.add(slice.len() - 1) which underflows when slice.len() is 0, creating a pointer with a massive offset. According to Rust's safety rules, creating such a pointer causes immediate...

AI score 7.2
Exploits 0 | Affected Software 1
OSV
added 2025/10/20 5:49 p.m. | 2 views

CLSA-2025-1760982550 Fix CVE(s): CVE-2022-48174

SECURITY UPDATE: avoid segfault on $0::0/009J - debian/patches/CVE-2022-48174.patch: Fix shell segfault in malformed arithmetic expressions - CVE-2022-48174...

CVSS 9.8 | AI score 7.1 | EPSS 0.02979
Exploits 0 | References 1
OSV
added 2025/10/15 2:45 a.m. | 2 views

USN-7823-1 ffmpeg vulnerabilities

It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. CVE-2024-35365 It was discovered that FFmpeg did not correctly handle...

CVSS 9.8 | AI score 7.1 | EPSS 0.01084
Exploits 0 | References 10
NVD
added 2025/10/07 4:15 p.m. | 5 views

CVE-2023-53661

In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a failure to cast operands to a larger data type before performing arithmetic. Used macro for multiplicati...

CVSS 5.5 | EPSS 0.00142
Exploits 0 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2017-16864

Malware in sbrugna...

CVSS 7.5 | AI score 7.4 | EPSS 0.01287
Exploits 0 | References 2
EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2018-3789

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.01025
Exploits 0 | References 6
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-2468

Malware in sbrugna...

CVSS 9.8 | AI score 9.3 | EPSS 0.02368
Exploits 0 | References 7
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2019-16852

Malware in sbrugna...

CVSS 5.6 | AI score 6.6 | EPSS 0.00543
Exploits 0 | References 21
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-19694

Malware in sbrugna...

CVSS 4.7 | AI score 7 | EPSS 0.00565
Exploits 0 | References 17