1274 matches found
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-46597)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-46597 advisory. - An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM pack...
SUSE CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
UBUNTU-CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006 drm/nouveau: fix u32 overflow in pushbuf reloc bounds check
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...
CVE-2026-46006
The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...
UBUNTU-CVE-2026-46598
For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...
CVE-2026-46598
For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...
CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...
CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...
GO-2026-5033 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent
For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...
CVE-2026-30691
Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...
Astra Linux – Vulnerability in imagemagick
In the RestoreMSCWarning function in /coders/pdf.c, there are several places where calls to GetPixelIndex may result in values that are outside the range that can be represented by the unsigned char type. The patch converts the return value of GetPixelIndex to the ssizet type to avoid this bug...
Secure (Multiple) Key-Cast over Networks: Multiple Eavesdropping Nodes
We study the secure multiple key-cast problem over noiseless networks under node-based eavesdroppers, where one or more source nodes participate in the generation of distinct secret keys to be shared among designated terminal subsets, while an eavesdropper observing up to $\ell$ nodes, including...
Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017598)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017598 advisory. There are 4 places in HistogramCompare in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values...
CVE-2026-41682
CVE-2026-41682 affects pupnp (UPnP SDK); prior to 1.18.5 it is vulnerable to SRRF/port-confusion from port truncation caused by atoi() in parse_uri(). Patch available in pupnp 1.18.5. CVSS 4.0 base score 6.9 (MEDIUM).
CVE-2026-41682 pupnp: Port truncation via atoi() cast in parse_uri() allows SSRF port confusion
pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi cast in parseuri. This issue has been patched in version 1.18.5...
CVE-2026-8009
An inappropriate implementation flaw was found in the Cast component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496555077...
CVE-2026-8007
An insufficient validation of untrusted input flaw was found in the Cast component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496399759...