66481 matches found
Moderate: mingw-glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: Integer overflow in in...
Security update for openexr (important)
openSUSE security update: security update for openexr ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20755-1 Rating: important References: bsc1264353 bsc1264354 bsc1264356 Cross-References: CVE-2026-41142 CVE-2026-42216 CVE-2026-42217 CVSS scores:...
ALSA-2026:19148 Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...
RHEL 10 : mingw-glib2 (RHSA-2026:18344)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18344 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, t...
RHEL 10 : libtiff (RHSA-2026:19150)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19150 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitra...
SUSE SLED15 / SLES15 Security Update : tiff (SUSE-SU-2026:1965-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1965-1 advisory. This update for tiff fixes the following issue - CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile...
RHEL 10 : iputils (RHSA-2026:18162)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:18162 advisory. The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: iputils integer overflow...
RHEL 9 : mingw-glib2 (RHSA-2026:18705)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18705 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, th...
RHEL 9 : libtiff (RHSA-2026:19363)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19363 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: libtiff: Arbitrar...
OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI
Summary A remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing memcached storage commands such as set, add, replace, append, prepend, or cas, OBI accepts extremely large values and adds the payload delimite...
EUVD-2026-30789
NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodevop function in sys/opencrypto/cryptodev.c where the local variable iovlen is declared as a signed int but assigned from an unsigned cop-dstlen value, causing undefined behavior when cop-dstlen exceeds...
CVE-2026-32849
NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodevop function in sys/opencrypto/cryptodev.c where the local variable iovlen is declared as a signed int but assigned from an unsigned cop-dstlen value, causing undefined behavior when cop-dstlen exceeds...
CLSA-2026-1779123410 jq: Fix of 8 CVEs
CVE-2026-40164: randomize hash seed to mitigate hash collision DoS - CVE-2026-40612: limit containment check depth - CVE-2026-41256: fix NUL truncation in program files loaded with -f - CVE-2026-41257: fix signed-int overflow in stackreallocate - CVE-2026-43894: cap numeric literal length to...
iskorotkov/avro: Integer Overflow in Decoder
Integer Overflow in Avro Decoder Summary Several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets GOARCH=386, arm, mips,...
GHSA-MC57-H6J3-3HMV iskorotkov/avro: Integer Overflow in Decoder
Integer Overflow in Avro Decoder Summary Several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets GOARCH=386, arm, mips,...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the SpriteFont file loading process. An attacker can execute arbitrary code by providing a specially crafted .spritefont file that triggers a 32-bit integer overflow during multiplication. This is only...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the SpriteFont file loading process when handling untrusted .spritefont files. An attacker can execute arbitrary code by supplying a crafted data file that triggers a 32-bit integer overflow during...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the IPTC encoder. An attacker can access sensitive information or cause a partial denial of service by providing a specially crafted input file that triggers an out-of-bounds read. Remediation A f...
Integer Underflow (Wrap or Wraparound)
Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
Integer Underflow (Wrap or Wraparound)
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...