Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

UBUNTU-CVE-2026-56404

libexpat before 2.8.2 has an integer overflow in addBinding...

UBUNTU-CVE-2026-56407

libexpat before 2.8.2 has an integer overflow in doProlog that is rela...

UBUNTU-CVE-2026-56208

A heap buffer overflow vulnerability was found in libaom, the referenc...

UBUNTU-CVE-2026-56406

libexpat before 2.8.2 has an integer overflow in XMLParseBuffer becau...

UBUNTU-CVE-2026-56405

libexpat before 2.8.2 has an integer overflow in getAttributeId...

UBUNTU-CVE-2026-56411

xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDe...

UBUNTU-CVE-2026-56408

libexpat before 2.8.2 has an integer overflow in copyString...

UBUNTU-CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doP...

UBUNTU-CVE-2026-56409

xmlwf in libexpat before 2.8.2 has an integer overflow for the output...

UBUNTU-CVE-2026-56403

libexpat before 2.8.2 has an integer overflow in storeAtts...

UBUNTU-CVE-2026-9265

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OO...

UBUNTU-CVE-2026-56210

A heap-buffer-overflow read vulnerability was found in libaom, the ref...

UBUNTU-CVE-2026-56410

xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSyste...

DEBIAN-CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

CVE-2026-12806

A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack...