php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

USN-8368-1 libeconf vulnerability

It was discovered that libeconf did not properly check the size of input when copying data to a buffer. An attacker could possibly use this issue to cause libeconf to crash, resulting in a denial of service...

EUVD-2018-21957

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers can craft malicious input exceeding 658 bytes with shellcode to overwrite the structured exception...

CVE-2026-25277 Buffer Copy Without Checking Size of Input in Secure Processor

Memory corruption while using Strongbox due to buffer overflow...

CVE-2026-25277 Buffer Copy Without Checking Size of Input in Secure Processor

Memory corruption while using Strongbox due to buffer overflow...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: added input size checking in procwritesimdisk A malicious user could enter an arbitrarily bad value into memdupusernul, potentially causing a kernel crash. This follows the same pattern as the issue fixed in comm...

Astra Linux - уязвимость в apache2

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a Lua script that calls r:parsebody0 may cause a denial of service due to the lack of a default limit on the possible input size...

Astra Linux - уязвимость в jsoup

jsoup is a Java library for working with HTML. Users of jsoup versions prior to 1.14.2 who parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user-supplied input, an attacker may provide content that causes the parser to become stuck loop indefinitely until...

BIT-PHP-2026-7568 Signed integer overflow in metaphone()

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: golang (UTSA-2026-016797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016797 advisory. The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: A integer overflow has been fixed in aie2queryctxstatusarray. The unpublished smatch static checker reported a warning. In drivers/accel/amdxdna/aie2pci.c, line 904 of aie2queryctxstatusarray: warn: Potential...

OESA-2026-2049 mesa security update

. Security Fixes: In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca.CVE-2026-40393...

CVE-2026-3298 Out-of-bounds write in Windows asyncio.ProacterEventLoop.sock_recvfrom_into() when using nbytes

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

OESA-2026-1926 python-jwcrypto security update

Implements JWK, JWS, JWE specifications with python-cryptography Security Fixes: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing...

openSUSE 16 Security Update : libtasn1 (openSUSE-SU-2026:20470-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20470-1 advisory. - CVE-2025-13151: lack of validation of input data size leads to stack-based buffer overflow in asn1expendoctetstring bsc1256341. Tenable has extracted...

SUSE CVE-2026-39373

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...

EUVD-2025-209332

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the routesstatic parameter in the /router.asp endpoint...

CVE-2025-50650

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the routesstatic parameter in the /router.asp endpoint...

CVE-2025-50650

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate validation of input size in the routesstatic parameter in the /router.asp endpoint...

UBUNTU-CVE-2026-39373

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...