Linux Distros Unpatched Vulnerability : CVE-2026-31716

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: validate rec-used in journal-replay file record check checkfilerecord validates rec-total against the record size but never validates rec-used. The...

CVE-2026-31716

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate rec-used in journal-replay file record check checkfilerecord validates rec-total against the record size but never validates rec-used. The doaction journal-replay handlers read rec-used from disk and use it to...

CVE-2026-31716

The CVE-2026-31716 entry covers a Linux kernel NTFS3 flaw in journal replay. Description from multiple sources states that check_file_record() validates rec->total against the record size but not rec->used. The journal-replay handlers read rec->used from disk and use it to compute memmov...

CVE-2026-5720 miniupnpd Integer Underflow SOAPAction Header Parsing

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

SUSE SLES15 Security Update : valkey (SUSE-SU-2026:0848-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0848-1 advisory. Update to version 8.0.7. Security issues fixed: - CVE-2025-67733: data tampering and denial of service via improper null character...

CVE-2026-28419

Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding...

Vim 安全漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0075 contained security vulnerabilities. These vulnerabilities stemmed from Emacs-style tag file parsing logic, which had a heap-based buffer underflow issue. This issue could lead to...

CVE-2026-26203 PJSIP's pjmedia-video has use-after-free in H264 packetizer when packetizing fragmented NAL

PJSIP is a free and open source multimedia communication library. Versions prior to 2.17 have a critical heap buffer underflow vulnerability in PJSIP's H.264 packetizer. The bug occurs when processing malformed H.264 bitstreams without NAL unit start codes, where the packetizer performs unchecked...

SUSE CVE-2023-53171

In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of lockedvm via exec When a vfio container is preserved across exec, the task does not change, but it gets a new mm with lockedvm=0, and loses the count from existing dma mappings. If the user later...

CVE-2025-38200 i40e: fix MMIO write access to an invalid page in i40e_clear_hw

In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40eclearhw When the device sends a specific input, an integer underflow can occur, leading to MMIO write access to an invalid page. Prevent the integer underflow by changing the...

kernel: vt_ioctl: fix array_index_nospec in vt_setactivate

A vulnerability was found in the Linux kernel's vtioctl subsystem, where the vtsetactivate function can lead to a transient integer underflow due to improper handling of the vsa.console value. The vulnerability arises when an out-of-bounds value is decreased before being sanitized using...

OESA-2024-1097 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid...

PT-2023-8385 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: An out-of-bounds memory read flaw was found in the receive encrypted standard function in the SMB Client sub-component of the Linux Kernel. This issue occurs due to integer underflow o...

Exploit for Buffer Underflow in Fortinet Fortiweb

CVE-2023-25610 Insufficient heap memory in the FortiOS manage...

SUSE CVE-2015-7194

Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ZIP archive...

ALPINE-CVE-2019-17042

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter in this case, a space or a colon, but fails to account for strings that do not satisfy this constraint. If...

UBUNTU-CVE-2015-7218

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...