OESA-2026-2650 poppler security update

is a PDF rendering library. Security Fixes: A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized...

OESA-2026-2649 poppler security update

is a PDF rendering library. Security Fixes: A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized...

OESA-2026-2648 poppler security update

is a PDF rendering library. Security Fixes: A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized...

OESA-2026-2614 catdoc security update

catdoc is program which reads one or more Microsoft word files and outputs text, contained insinde them to standard output. Therefore it does same work for.doc files, as unix cat command for plain ASCII files. It is now accompanied by xls2csv - program which converts Excel spreadsheet into...

OESA-2026-2613 catdoc security update

catdoc is program which reads one or more Microsoft word files and outputs text, contained insinde them to standard output. Therefore it does same work for.doc files, as unix cat command for plain ASCII files. It is now accompanied by xls2csv - program which converts Excel spreadsheet into...

BIT-SQLITE-2026-11822 SQLite before 3.53.2 Memory Corruption in FTS5 Extension

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

SUSE-SU-2026:2381-1 Security update for libyang

This update for libyang fixes the following issue - CVE-2026-44673: integer overflow in lybreadstring of src/parserlyb.c leads to heap buffer overflow when parsing a maliciously crafted LYB binary blob bsc1265330...

RLSA-2026:24984 Important: poppler security update

Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Security Fixes: poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118 For more details about the...

SUSE CVE-2026-10118

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

FreeType Contour Boundary Validation Utility

This is a FreeType contour boundary validation utility for detecting indexing and integer-limit risks. It implements a validation routine for detecting unsafe contour metadata conditions by evaluating contour counts and index boundaries against expected limits...

QEMU 8.1.x < 10.0.10 / 10.2.x < 10.2.3 / 11.0.x < 11.0.1 Privilege Escalation

The version of QEMU installed on the remote Windows host is affected by a privilege escalation vulnerability: - An integer overflow exists in the calcimagehostmem function within the virtio-gpu driver due to the lack of proper validation of user-supplied data before allocating a buffer. A local...

EulerOS Virtualization 2.13.0 : openjpeg2 (EulerOS-SA-2026-2410)

According to the versions of the openjpeg2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library...

RockyLinux 10 : poppler (RLSA-2026:24985)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:24985 advisory. poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication CVE-2026-10118...

EulerOS Virtualization 2.13.0 : libtiff (EulerOS-SA-2026-2406)

According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...

MiracleLinux 8 : thunderbird-140.11.0-1.el8_10.ML.1 (AXSA:2026-781:13)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-781:13 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

Security Updates for Microsoft Excel Products C2R (June 2026)

The Microsoft Excel Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-44817, CVE-2026-44818, CVE-2026-44820,...

PT-2026-49022

Name of the Vulnerable Software and Affected Versions Imagination Graphics DDK affected versions not specified Description A web page containing unusual WebGPU content loaded into the GPU GLES render process can trigger an out-of-bound write in the GPU user-space driver. This occurs because the...

CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

CVE-2026-11774 389-ds-base: 389-ds-base: integer overflow in sasl packet length bypasses size limit leading to heap buffer overflow

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...