3118 matches found
多款产品安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient boundary checks in the depth computing functions of the Irdma driver, potentially...
ONE 输入验证错误漏洞
ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of tensor replication sizes, which could...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
OpenEXR 安全漏洞
OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR from 3.4.0 to 3.4.9 contained security vulnerabilities. These vulnerabilities stemmed from the lack of boundary checks on the dataWindow property, which coul...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from integer overflows during the generation of proof reports, leading to failed buffer copy operations and potentially causing memory corruption...
Security update for osslsigncode (critical)
openSUSE Security Update: Security update for osslsigncode Announcement ID: openSUSE-SU-2026:0115-1 Rating: critical References: 1260680 Cross-References: CVE-2025-70888 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...
Corosync 输入验证错误漏洞
Corosync is an open-source cluster engine developed by The Corosync Cluster Engine. Corosync has a vulnerability in input validation, which stems from integer overflows in the message integrity verification process. This vulnerability may lead to service crashes and denial-of-service attacks...
Tinyproxy 安全漏洞
Tinyproxy is a small, efficient HTTP/SSL proxy daemon developed by Tinyproxy. Versions of Tinyproxy 1.11.3 and earlier contain security vulnerabilities, which stem from integer overflows in the HTTP chunked transmission encoding parser, potentially leading to denial-of-service attacks...
Android ImageMagick 安全漏洞
Android ImageMagick is an image processing library developed by Cherry’s individual developer for the Android platform. Versions of Android ImageMagick prior to 7.1.2-11 contained security vulnerabilities, which were caused by integer overflows or circular errors...
CLSA-2026-1772110471 glib2: Fix of CVE-2025-14087
CVE-2025-14087: Fix integer overflows in GVariant text format parser and escapebytestring...
ImageMagick 安全漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained security vulnerabilities, which were caused by integer overflows in the...
CVE-2025-41726
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...
swoole-src security vulnerabilities
swoole-src is an open-source PHP concurrency library based on coroutines, developed by the Swoole Project. Versions of swoole-src prior to 6.0.2 contained security vulnerabilities, which were caused by integer overflows or circular errors in the sds.C file...
IronOS security vulnerabilities
IronOS is a firmware system developed by Ben V. Brown individually. Versions of IronOS prior to v2.23-rc2 contained security vulnerabilities, which were caused by integer overflows or circular errors...
RawTherapee security vulnerabilities
RawTherapee is an open-source photo processing program developed by RawTherapee. Versions of RawTherapee 5.11 and earlier contained security vulnerabilities. These vulnerabilities were caused by integer overflows or circular errors in the image processing engine component dcraw.Cc, which could le...
Modizer security vulnerability
Modizer is an iOS music player developed by yoyofr. Versions of Modizer prior to 4.1.1 contained security vulnerabilities, which were caused by integer overflows or circular errors...
Glib buffer error vulnerability
Glib is a generic, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, and abstraction for main loops. Glib has a buffer error vulnerability, which stems from integer overflows in the implementation of...
[SECURITY] [DLA 4449-1] zvbi security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4449-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 24, 2026 https://wiki.debian.org/LTS -...