66515 matches found
krb5 security update
An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...
OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file
A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...
OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file
A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...
OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file
A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via integer wraparound in the allocation process. An attacker can execute arbitrary code or cause a segmentation fault by providing specially crafted, large-scale inputs to database functions. Remediation...
CVE-2026-6473
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
ALPINE-CVE-2026-6473
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
UBUNTU-CVE-2026-6473
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
CVE-2026-6473
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the escapeandappend function in the document-builder API when processing very large input strings on platforms with limited sizet width. An attacker can cause out-of-bounds memory reads, potentially...
OPENSUSE-SU-2026:20727-1 Security update for chromium
This update for chromium fixes the following issues: Changes in chromium: - Chromium 148.0.7778.167 boo1265159 - Chromium 148 148.0.7778.96 promoted to stable boo1264175 CVE-2026-7896: Integer overflow in Blink CVE-2026-7897: Use after free in Mobile CVE-2026-7898: Use after free in Chromoting...
CVE-2026-6473
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
CVE-2026-6473
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
CVE-2026-6473
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
EUVD-2026-30281
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
CVE-2026-6473 PostgreSQL server undersizes allocations, via integer wraparound
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...
CVE-2026-6473
CVE-2026-6473 affects PostgreSQL server features where integer wraparound can cause undersized allocations and write out-of-bounds. An unprivileged database user could potentially execute arbitrary code as the OS user running the database, or trigger segmentation faults with gigabyte-scale inputs...
GIMP: GIMP: Arbitrary code execution via specially crafted PSD file
A flaw was found in GIMP. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted PSD Photoshop Document file. This flaw is due to an integer overflow during the parsing of PSD files, which can lead to arbitrary code execution, allowing the attacker to run...
gimp: GIMP: Remote Code Execution via XPM File Parsing Integer Overflow
A flaw was found in GIMP. Remote attackers can exploit this vulnerability by tricking a user into opening a malicious XPM X PixMap image file. This can lead to an an integer overflow during file processing, allowing the attacker to execute arbitrary code on the affected system...
CVE-2026-8295
The CVE-2026-8295 issue affects simdjson’s document-builder API, specifically the string_builder::escape_and_append() path. An integer overflow can occur when processing very large input strings on platforms with limited size_t width (e.g., 32-bit builds), causing insufficient buffer allocation a...