SUSE CVE-2026-43618

Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended...

GO-2026-5013 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

PT-2026-42717

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An incorrectly placed cast from bytes to int in the AES-GCM packet decoder allows for a server-side panic when processing well-crafted inputs. A server-side pani...

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-23 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-48 or 7.x prior to 7.1.2-23. It is, therefore, affected by multiple vulnerabilities: - A crafted MSL image can trigger a heap-use-after-free in the MSL decoder. CVE-2026-46523 - Due to a missing depth check, a stack...

Unity Linux 20.1060e / 20.1070e Security Update: openjpeg (UTSA-2026-016638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016638 advisory. Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or...

Linux Distros Unpatched Vulnerability : CVE-2026-46522

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-46522 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an error in the conversion between bytes and integers. This vulnerability may cause ...

CLSA-2026-1779369849 rsync: Fix of CVE-2026-43618

CVE-2026-43618: fix integer overflow in compressed-token decoder allowing remote memory disclosure via crafted compressed stream...

CLSA-2026-1779369622 rsync: Fix of CVE-2026-43618

CVE-2026-43618: fix integer overflow in compressed-token decoder allowing remote memory disclosure via crafted compressed stream...

CLSA-2026-1779369352 Fix CVE(s): CVE-2026-43618

SECURITY UPDATE: integer overflow in compressed-token decoder - debian/patches/CVE-2026-43618.patch: cap rxtoken at MAXTOKENINDEX and reject over-long simplerecvtoken literal chunks to prevent remote memory disclosure via crafted compressed stream - CVE-2026-43618...

Security update for ImageMagick

This update for ImageMagick fixes the following issues CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048. Patch Instructions: To install this SU...

SUSE-SU-2026:2023-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048...

SUSE-SU-2026:2022-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048...

SUSE-SU-2026:2021-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048...

SUSE-SU-2026:2020-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues - CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of 32-bit systems when processing extremely large images bsc1259528. - CVE-2026-42050: Stack buffer overflow in XTileImage bsc1265048...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the VP8 stateless decoder’s “smatch” warning. A “smatch” static checker warning was also fixed in vdecvp8reqif.c. This issue causes the kernel to crash when fb is set to NULL...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 multi-stateless decoder’s match warning. A match static checker warning was also fixed in vdech264reqmultiif.c. This issue causes the kernel to crash when fb is NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fixed the crash that occurred during decoder allocation. When the decoders of an intermediate port are exhausted by existing regions, and a new region is created with that port in its hierarchical path, the...

Astra Linux - уязвимость в libde265

It was discovered that Libde265 v1.0.11 contains a segmentation violation through the function decodercontext::processSliceSegmentHeader in decctx.cc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: venus: vdec: A possible memory leak issue has been fixed. The implementation of venushelperallocdpbbufs allows for an early return on an error path when checking the ID from idaallocmin. This would prevent the earlier buff...