67301 matches found
Microweber <1.2.12 - Integer Overflow
Microweber before 1.2.12 is susceptible to integer overflow. The application allows large characters to insert in the input field 'first & last name,' which can allow an attacker to cause a denial of service via a crafted HTTP request. id: CVE-2022-0968 info: name: Microweber 1.2.12 - Integer...
CVE-2026-55254
NCalc (.NET) contains a DoS via the factorial operator in the NCalc.Core/Helpers/MathHelper.cs path. Prior to v6.1.1, evaluating expressions with extremely large factorial operands can cause excessive CPU usage or a non-terminating loop due to integer overflow. A fix was implemented in v6.1.1 tha...
CVE-2026-40469
A flaw was found in gawk. An integer overflow vulnerability exists in the dosub routine, which could allow an attacker to overwrite internal program data. This can lead to a denial of service DoS by causing the gawk program to crash. This issue affects 32-bit builds of gawk...
CVE-2026-44251
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions 3.0.0 and above, prior to 4.14.5, a sizet integer underflow in oscrypto/shared/msgs.c:389 allows any enrolled Wazuh agent to crash the wazuh-remoted process on the manager, immediately...
CVE-2026-59117
Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code over a network...
pacemaker: Pacemaker: Denial of Service via integer overflow in remote message decompression
A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...
Important: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
pacemaker: Pacemaker: Denial of Service via integer overflow in remote message decompression
A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...
pacemaker: Pacemaker: Denial of Service via integer overflow in remote message decompression
A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...
Important: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: pacemaker security update
An update for pacemaker is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
pacemaker: Pacemaker: Denial of Service via integer overflow in remote message decompression
A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...
Windows Terminal Remote Code Execution Vulnerability
Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code over a network...
HPLIP: Incomplete Fix for CVE-2026-8631
A flaw was found in HPLIP HP Linux Imaging and Printing Software. This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling...
pacemaker: Pacemaker: Denial of Service via integer overflow in remote message decompression
A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...
CVE-2026-55203
A flaw was found in HAProxy. A malicious FastCGI Fast Common Gateway Interface backend can exploit an integer overflow vulnerability in the fcgiconn structure's drl field. This occurs when specific contentLength and paddingLength values cause the drl field to wrap to zero, leading to incorrect...
MGASA-2026-0256 Updated poppler packages fix a security vulnerability
The updated packages fix a security vulnerability: Integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication. CVE-2026-10118...
PT-2026-60598
Name of the Vulnerable Software and Affected Versions Windows Terminal affected versions not specified Description An integer overflow or wraparound occurs in Windows Terminal, which could allow an unauthorized attacker to execute code over a network. There have been reports of increased actor...
GHSA-GHHP-3QVG-889P websocket-driver: Memory exhaustion via abuse of protocol length headers
Impact The frame format in draft versions of the WebSocket protocol includes a length header that allows an arbitrarily large integer to be encoded as a sequence of bytes with the high bit set. By sending an indefinite sequence of bytes with values 0x80 or above, a server or client can make the...
CVE-2026-40955
CVE-2026-40955 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...