
706 matches found

OPENSUSE Linux
added 2026/06/02 12:0 a.m. | 6 views

Security update for libjxl (important)

openSUSE Security Update: Security update for libjxl Announcement ID: openSUSE-SU-2026:0182-1 Rating: important References: 1266460 Cross-References: CVE-2025-70103 CVSS scores: CVE-2025-70103 SUSE: 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE...

CVSS 9.2 | AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 1

RedHat Linux
added 2026/06/01 11:21 a.m. | 9 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

CVSS 7.5 | AI score 5.8 | EPSS 0.0009
Exploits: 0 | References: 5

RedHat Linux
added 2026/06/01 3:37 a.m. | 7 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

CVSS 7.5 | AI score 5.8 | EPSS 0.0009
Exploits: 0 | References: 5

OSV
added 2026/05/21 12:58 p.m. | 7 views

CLSA-2026-1779368297 polkit: Fix of CVE-2026-4897

CVE-2026-4897: Fix unbounded stdin reads that allow local user to trigger OOM and DoS in setuid helper; add input length checks and limit allocations...

CVSS 5.5 | AI score 5.8 | EPSS 0.00006
Exploits: 0 | References: 1

AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in node-moment

moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment use an inefficient parsing algorithm. Specifically, the string-to-date parsing method used by moment, more precisely the rfc2822 parsing method, which is used by...

CVSS 7.5 | AI score 6.6 | EPSS 0.03173
Exploits: 1 | References: 1

AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: Validating user input for expected length I received multiple syzbot reports indicating that old bugs were exposed due to BPF after committing 20f2505fb436 “bpf: Trying to avoid kzalloc in cgroup/s,getsockopt”. The...

CVSS 7.1 | AI score 6.3 | EPSS 0.0002
Exploits: 0 | References: 2

AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in grub2

The “read” command is used to read the keyboard input from the user. While reading, the input length is stored as a 32-bit integer value. This value is then used to reallocate the line buffer to accommodate the next character. During this process, if the line is long enough, it’s possible for thi...

CVSS 6.1 | AI score 7.2 | EPSS 0.00007
Exploits: 1 | References: 2

Redos
added 2026/05/13 12:0 a.m. | 12 views

ROS-20260513-73-0001

Vulnerability in rubygem-rack related to errors in processing input length parameters. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

CVSS 6.5 | AI score 5.8 | EPSS 0.00043
Exploits: 0

CVE
added 2026/05/01 12:0 a.m. | 13 views

CVE-2026-42484

Hashcat v7.1.2 contains a heap-based buffer overflow in the PKZIP hash parser’s hex_to_binary function. When data_type_enum

CVSS 9.8 | AI score 6.4 | EPSS 0.00108
Exploits: 1 | References: 1 | Affected Software: 1

OSV
added 2026/04/29 2:23 p.m. | 5 views

CLSA-2026-1777462768 cups: Fix of CVE-2023-4504

CVE-2023-4504: validate PPD PostScript input length to prevent heap-based buffer overflow in raster-interpret.c...

CVSS 7 | AI score 6 | EPSS 0.00035
Exploits: 2 | References: 1

Snyk
added 2026/04/18 12:47 a.m. | 4 views

Out-of-bounds Read

Overview: Affected versions of this package are vulnerable to Out-of-bounds Read in the ptp_unpack_EOS_ImageFormat and ptp_unpack_EOS_CustomFuncEx functions due to missing length validation for input buffers. An attacker can cause the application to read out-of-bounds memory by supplying crafted data to...

CVSS 6.1 | AI score 5.8 | EPSS 0.0001
Exploits: 0 | References: 2

OSV
added 2026/04/17 9:16 p.m. | 1 views

DEBIAN-CVE-2026-33689

xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remote, unauthenticated attacker can trigger this flaw by sending a specially crafted sequence of packets during the initial connection phase...

CVSS 9.1 | AI score 5.7 | EPSS 0.00182
Exploits: 0 | References: 1

UbuntuCve
added 2026/04/13 11:16 p.m. | 1 views

CVE-2026-39979

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jv_string_fmt, which reads until a NUL terminat...

CVSS 6.9 | AI score 5.9 | EPSS 0.00072
Exploits: 1 | References: 5

CNVD
added 2026/04/10 12:0 a.m. | 0 views

Google Chrome ANGLE heap buffer overflow vulnerability (CNVD-2026-16862)

Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a failure of the ANGLE heap to properly validate the length size of input data, which can be exploited by an...

CVSS 8.8 | AI score 6.4 | EPSS 0.00079
Exploits: 0

IBM Security Bulletins
added 2026/04/08 8:43 a.m. | 12 views

Security Bulletin: Improper Unicode Handling in validator isLength() Leads to Input Length Bypass (Pre-13.15.22) affects watsonx.data

Summary Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength function that does not take into account Unicode variation selectors \uFE0F, \uFE0E appearing in a sequence which lead to improper string...

CVSS 8.7 | AI score 6 | EPSS 0.00112
Exploits: 2 | Affected Software: 1

EUVD
added 2026/04/04 3:30 p.m. | 1 views

EUVD-2018-21738

Microsoft One Search 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting excessively long input strings to the search functionality. Attackers can paste a buffer of 950 or more characters into the search bar to trigger an unhandled...

CVSS 6.9 | AI score 6.1 | EPSS 0.00006
Exploits: 0 | References: 4

CVE
added 2026/04/04 1:51 p.m. | 4 views

CVE-2018-25244

The CVE-2018-25244 entry affects Microsoft Eco Search 1.0.2.0. A denial-of-service condition arises when an attacker with local access submits an excessively long string (buffer of ≥950 characters) in the search functionality, triggering a crash. Both CVSS-derived metrics indicate LOCAL attack v...

CVSS 6.9 | AI score 6.1 | EPSS 0.00006
Exploits: 0 | References: 3

CVE
added 2026/04/04 1:51 p.m. | 5 views

CVE-2018-25240

Microsoft Watchr 1.1.0.0 is affected by a local denial-of-service vulnerability in its search feature: submitting an excessively long string (about 8,145 characters) can crash the application. The issue stems from input handling in the search function, enabling a local attacker to trigger a crash...

CVSS 6.9 | AI score 6.1 | EPSS 0.00017
Exploits: 0 | References: 3

Positive Technologies
added 2026/04/04 12:0 a.m. | 4 views

PT-2026-30359

Microsoft VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an...

CVSS 6.9 | AI score 6.1 | EPSS 0.00006
Exploits: 0 | References: 4

Positive Technologies
added 2026/04/04 12:0 a.m. | 3 views

PT-2026-30361

Microsoft Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to caus...

CVSS 6.9 | AI score 6.1 | EPSS 0.00017
Exploits: 0 | References: 4