1973 matches found
Security Bulletin: Multiple Vulnerabilities in IBM Bob
Summary Multiple vulnerabilities were addressed in IBM Bob V 2.0 Vulnerability Details CVEID:CVE-2026-41676 DESCRIPTION: rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it...
CVE-2026-14355
The CVE-2026-14355 issue affects PHP 8.2.x before 8.2.32, 8.3.x before 8.3.32, 8.4.x before 8.4.23, and 8.5.x before 8.5.8. It is caused by a buffer allocation flaw in the AES-WRAP-PAD algorithm within the OpenSSL extension, where the output buffer for AES key-wrap-with-padding is sized from plai...
CVE-2026-58379
The CVE-2026-58379 vulnerability affects GIMP 's Paint Shop Pro (PSP) file format parser. It is a heap buffer overflow caused by incorrect buffer size calculations when processing low bit-depth PSP images , which can lead to arbitrary code execution or DoS when a user opens a crafted image. The p...
PT-2026-55578
Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...
EUVD-2026-41218
A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
CVE-2026-36911
A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
CVE-2026-36911
A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
CVE-2026-36911
Summary of CVE-2026-36911 (MPC-BE) : A division-by-zero vulnerability exists in the file parsing/processing path: the function CStreamSwitcherOutputPin::DecideBufferSize in MPC-BE (before commit 4341cb3). This can be triggered by a crafted MP4 file, leading to a Denial of Service . Affected softw...
drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size
...
PT-2026-53065
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The CONS HISTORY ioctl handler fails to properly validate the requested history size. Providing a large value leads to an integer overflow during the buffer size...
UBUNTU-CVE-2026-53304
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...
CVE-2026-52972
A flaw was found in the Linux kernel's afalg cryptography module. This vulnerability involves an arithmetic overflow when processing associated data lengths during the transmit buffer size check. A remote attacker could exploit this flaw by providing a specially crafted associated data length,...
CVE-2026-53183
A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. This vulnerability occurs because the TCP stack independently manages the TCP-level receive window, which can lead to an artificial inflation of the MPTCP receive window. A remote attacker could exploit this by sending...
SUSE CVE-2026-53137
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rxidlist read to buffer size Why & How During HDCP 2.x repeater authentication over HDMI, the driver reads the sink's RxStatus register and extracts a 10-bit message size field max value 1023. Th...
SUSE CVE-2026-53216
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer mvpp2 has short and long BM pools, and short pool buffers can be smaller than PAGESIZE. The XDP path nevertheless initializes every xdpbuff with PAGESIZE as frame size. XDP helper...
The vulnerability of the net/batman-adv/bat_iv_ogm.c module in the Linux operating system allows a hacker to trigger a system failure during maintenance operations.
The vulnerability of the net/batman-adv/bativogm.c module in the Linux operating system is related to incorrect calculations of buffer size. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2026-6681 PKCS#7 decode ignores caller output buffer size, writing past buffer bounds
The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...
CVE-2026-6681
The PKCS7 decode path ignores the caller-supplied output buffer size outputSz, allowing decoded content to be written past the bounds of the provided buffer. This affects wolfSSL 5.9.0 and earlier and was fixed in the 5.9.1 release...
CVE-2026-6681
CVE-2026-6681 describes a buffer overflow in wolfSSL up to 5.9.0 caused by the PKCS#7 decode path ignoring the caller-supplied output buffer size (outputSz). Decoded data can be written past the provided buffer, potentially affecting confidentiality and integrity. The issue is fixed in wolfSSL 5....
CVE-2026-52959
A flaw was found in the Linux kernel's Secure Encrypted Virtualization SEV guest module. This vulnerability allows a malicious host to provide an invalid buffer size during an extended guest request. This incorrect handling of host-controlled page order during the cleanup process can lead to a...