Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the DecodeFromBytes function. An attacker can trigger a nil pointer dereference and panic by supplying a malicious BGP UPDATE message with a declared section length shorter than the actual data...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the DecodeFromBytes function. An attacker can trigger a nil pointer dereference and panic by supplying a malicious BGP UPDATE message with a declared section length shorter than the actual data...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the DecodeFromBytes function. An attacker can trigger a nil pointer dereference and panic by supplying a malicious BGP UPDATE message with a declared section length shorter than the actual data...

CVE-2026-6473

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

DEBIAN-CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

CVE-2026-45686

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...

DEBIAN-CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

CVE-2026-10722

CVE-2026-10722 affects cilium/ebpf up to 0.21.0, impacting the LoadCollectionSpec/LoadCollectionSpecFromReader path via the loadRawSpec function in btf/btf.go. The vulnerability is an integer overflow caused by crafted input; exploitation is local. Public disclosure is noted, and the patch name i...

CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

CVE-2026-10722 cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

EUVD-2026-34082

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

CVE-2026-10722 cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

firefox: Integer overflow in the Networking: JAR component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...

firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

Cilium 安全漏洞

Cilium is an open-source software developed by Cilium contributors. It is used to provide and transparently protect network connections and load balancing between application workloads, such as application containers or processes. Cilium versions prior to 0.21.0 contain security vulnerabilities;...

PT-2026-45915

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation leads to integer overflow. The attack can only be performed from a local environment. The...