Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013351)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013351 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG:...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-32288)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-32288 advisory. - tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archi...

Exploit for CVE-2026-3462

CVE-2026-3462 Acrobat Reader | Improperly Controlled Modifica...

zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption

...

CVE-2026-28214

A flaw was found in Firebird, an open-source relational database management system. An authenticated user with INSERT privileges on any table can exploit this vulnerability by sending a specially crafted Batch Parameter Block. This action causes an integer overflow in the...

CVE-2026-28214

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVE-2026-28214

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

CVE-2026-28214

CVE-2026-28214 affects Firebird DBMS. The issue is in the ClumpletReader::getClumpletSize() when parsing a Wide type clumplet, which can overflow totalLength and cause an infinite loop. An authenticated user with INSERT privileges on any table can trigger a denial of service via a crafted Batch P...

PT-2026-33479

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges...

Linux Distros Unpatched Vulnerability : CVE-2026-28214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize function can...

CVE-2026-40259 SiYuan: Publish Reader Can Arbitrarily Delete Attribute View Files via removeUnusedAttributeView API

SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that accepts publish-service RoleReader tokens. The handler passes a caller-controlled id directly to a model...

Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption

Details A buffer overflow vulnerability exists in Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously produced output but fails to guarantee the backing Ruby string has enough capacity before the memmove shifts the existing data. This can lead to...

EUVD-2026-23278

Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption...

CVE-2026-27820

A flaw was found in zlib, a Ruby interface for the zlib compression/decompression library. The Zlib::GzipReader component contains a buffer overflow vulnerability. This occurs because the zstreambufferungets function does not ensure sufficient memory capacity before moving existing data, which ca...

CVE-2026-27820

zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously produced output but...

ALPINE-CVE-2026-27820

zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously produced output but...

DEBIAN-CVE-2026-27820

zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously produced output but...

CVE-2026-27820

zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously produced output but...

CVE-2026-27820

CVE-2026-27820 is a buffer overflow in the Ruby zlib interface’s Zlib::GzipReader caused by zstream_buffer_ungets not ensuring sufficient Ruby string capacity before memmove. Affected: zlib gem v3.2.0/3.2.1 and earlier (3.0.0 and below, 3.1.0/3.1.1, 3.2.0/3.2.1). Impact: memory corruption when bu...

CVE-2026-27820 zlib: Buffer Overflow in Zlib::GzipReader ungetc via large input leads to memory corruption

zlib is a Ruby interface for the zlib compression/decompression library. Versions 3.0.0 and below, 3.1.0, 3.1.1, 3.2.0 and 3.2.1 contain a buffer overflow vulnerability in the Zlib::GzipReader. The zstreambufferungets function prepends caller-provided bytes ahead of previously produced output but...