krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of...

Important: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of...

Important: Red Hat Security Advisory: krb5 security update

An update for krb5 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

EUVD-2026-35259

Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

EUVD-2026-35255

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-11678

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-11659

Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11655

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11640

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

PT-2026-47981

Name of the Vulnerable Software and Affected Versions Windows Internet wininet.dll versions prior to June 2026 patchday Description An integer overflow or wraparound in the Windows Internet library wininet.dll allows an authorized attacker to elevate privileges locally. This issue occurs within t...

PT-2026-48258

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions prior to 26.001.21652 Description An integer overflow or wraparound occurs when an application attempts to store a numeric value that is too large for the allocated memory space, causing the value to wrap around to a...

Adobe CAI Content Credentials 输入验证错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 contain a...

FreeBSD Security Advisory - FreeBSD-SA-26:34.vt

FreeBSD Security Advisory - The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the...

X.Org Server XkbSetCompatMap Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

PT-2026-47938

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description An integer underflow wrap or wraparound occurs in Microsoft Office Excel, which allows an unauthorized attacker to execute arbitrary code locally or remotely, affecting the...

ROS-20260609-73-0002

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to integer overflows. Exploiting these vulnerabilities can allow a malicious actor to cause service failures remotely...

PT-2026-47895

Name of the Vulnerable Software and Affected Versions Windows NT OS Kernel affected versions not specified Description An integer underflow wrap or wraparound in the kernel allows an authorized attacker to elevate privileges locally. This issue can be used as a post-breach maneuver to gain full...

PT-2026-48025

Name of the Vulnerable Software and Affected Versions Windows HTTP.sys affected versions not specified Description An integer overflow or wraparound in the HTTP.sys driver allows an unauthorized remote attacker to execute arbitrary code over a network and affect the system. Recommendations At the...

PT-2026-47906

Name of the Vulnerable Software and Affected Versions Windows NT OS Kernel affected versions not specified Description An integer underflow wrap or wraparound in the Windows NT OS Kernel allows an authorized attacker to elevate privileges locally. This issue enables a user with a local foothold t...