66508 matches found
SUSE CVE-2026-44636
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...
SUSE CVE-2026-44637
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-bounds heap write in sixeldecoderawimpl. context-posx grows by repeatcount on every sixel character wit...
SUSE CVE-2026-46470
An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemuxaudiocaps function does not sufficiently validate atom data before performing division operations, leading to denial of service due to integer division by zero...
Chromium: CVE-2026-8577 Integer overflow in Fonts
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8573 Integer overflow in Codecs
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8567 Integer overflow in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8559 Integer overflow in Internationalization
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8532 Integer overflow in XML
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8519 Integer overflow in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
openSUSE 16 Security Update : ffmpeg-4 (openSUSE-SU-2026:20726-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20726-1 advisory. Changes in ffmpeg-4: - CVE-2026-40962: Fixed inadequate CENC subsample bounds checks that could lead to an integer overflow bsc1262237. Tenable has...
Microsoft Edge (Chromium) < 148.0.3967.70 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 148.0.3967.70. It is, therefore, affected by multiple vulnerabilities as referenced in the May 15, 2026 advisory. - Microsoft Edge Chromium-based Remote Code Execution Vulnerability CVE-2026-45495 - Improper input...
[SECURITY] [DSA 6277-1] openjpeg2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6277-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2026 https://www.debian.org/security/faq -...
CVE-2026-44673
A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...
CVE-2026-42308
A flaw was found in Pillow, a Python imaging library. If a font advances for each glyph by an exceeding large amount, an integer overflow can occur when Pillow tracks the current position. This could lead to a denial of service DoS condition, making the application unavailable. Mitigation To...
CVE-2026-6664
A flaw was found in PgBouncer. An integer overflow in the network packet parsing code allows an unauthenticated remote attacker to bypass a boundary check by sending a malformed SCRAM authentication packet. This can lead to a crash, resulting in a Denial of Service DoS for the PgBouncer instance...
CVE-2026-42217
A flaw was found in OpenEXR. A remote attacker could exploit this vulnerability by providing a specially crafted EXR image file. The readVariableLengthInteger function, responsible for decoding variable-length integers, does not properly bound the shift count. This can lead to undefined behavior,...
CVE-2026-43908
A flaw was found in OpenImageIO. A signed 32-bit integer overflow in the ConvertCbYCrYToRGB function can lead to an out-of-bounds write. A remote attacker could exploit this by convincing a user to process a specially crafted image file, resulting in a denial of service DoS due to a process crash...
CVE-2026-43996
A flaw was found in OpenImageIO. An integer overflow vulnerability exists in the TGAInput::decodepixel function's bounds check. This flaw allows a local attacker, by enticing a user to process a specially crafted image file, to cause an out-of-bounds read, leading to a segmentation fault and a...
OESA-2026-2325 lcms2 security update
LittleCMS intends to be an OPEN SOURSE small-footprint color management engine,with special focus on accuracy and performence.It uses the International Color Consortium standard ICC, which is the modern standard when regarding to color management. The ICC specification is widely used and is...
SUSE-SU-2026:21675-1 Security update for tiff
This update for tiff fixes the following issue - CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411...