Lucene search
+L

318 matches found

Oracle linux
Oracle linux
added 2026/04/30 12:0 a.m.11 views

libtiff security update

4.6.0-6.3 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159309...

7.8CVSS5.2AI score0.00553EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.10 views

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1612)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1612 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds...

8.8CVSS5.9AI score0.00482EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

Oracle Linux 10 : libtiff (ELSA-2026-12265)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-12265 advisory. 4.6.0-6.3 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile RHEL-159309 Tenable has extracted the preceding description block directly...

7.8CVSS5.9AI score0.00553EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.8 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013615 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog The type of skrcvbuf and sksndbuf in stru...

5.7AI score0.00168EPSS
Exploits0References4
OSV
OSV
added 2026/04/21 1:27 a.m.1 views

CVE-2026-39886 OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS6AI score0.00302EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.18 views

PT-2026-34009

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode signed32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

3.7CVSS5.8AI score0.00242EPSS
Exploits1References2
OSV
OSV
added 2026/04/20 6:2 p.m.5 views

JLSEC-2026-155

In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...

8.8CVSS7.5AI score0.01811EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/04/20 4:18 p.m.8 views

CVE-2026-41445

KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kissfftndralloc function in kissfftndr.c where the allocation size calculation dimOtherdimReal+2sizeofkissfftscalar overflows signed 32-bit integer arithmetic before being widened to sizet, causing malloc to allocate ...

8.8CVSS6AI score0.00288EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.5 views

PT-2026-33804

Name of the Vulnerable Software and Affected Versions KissFFT versions prior to commit 8a8e66e Description An integer overflow occurs in the kiss fftndr alloc function within kiss fftndr.c. The allocation size calculation dimOtherdimReal+2sizeofkiss fft scalar overflows signed 32-bit integer...

8.8CVSS6AI score0.00288EPSS
Exploits0References10
OSV
OSV
added 2026/04/16 3:49 p.m.11 views

CLSA-2026-1776354546 jq: Fix of CVE-2024-23337

CVE-2024-23337: fix signed integer overflow in jvparraywrite and jvpobjectrehash that could lead to SEGV on growing arrays and objects...

6.5CVSS7AI score0.00354EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/15 9:30 p.m.7 views

EUVD-2026-23098

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5CVSS6.1AI score0.00437EPSS
Exploits0References3
CVE
CVE
added 2026/04/15 7:18 p.m.36 views

CVE-2026-6385

FFmpeg vulnerability CVE-2026-6385: a signed integer overflow in the DVD subtitle parser’s fragment reassembly bounds checks can cause a heap out-of-bounds write when processing specially crafted MPEG-PS/VOB media with a malicious DVD subtitle stream. Impact includes denial of service via applica...

6.5CVSS6.1AI score0.00437EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/15 7:18 p.m.44 views

CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5CVSS6AI score0.00437EPSS
Exploits0
OSV
OSV
added 2026/04/08 3:9 p.m.1 views

GHSA-P8XC-W3Q4-H64X OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write

Summary The DWA lossy decoder constructs temporary per-component block pointers using signed 32-bit arithmetic. For a large enough width, the calculation overflows and later decoder stores operate on a wrapped pointer outside the allocated rowBlock backing store. This bug is reachable from the...

8.4CVSS5.9AI score0.00419EPSS
Exploits1References6
Snyk
Snyk
added 2026/04/08 3:9 p.m.2 views

Out-of-bounds Write

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Out-of-bounds Write. through the internalexrundopiz process. An attacker can cause out-of-bounds memory access, leading to potential memory corruption or process crash, by...

8.8CVSS6AI score0.00482EPSS
Exploits1References4
OSV
OSV
added 2026/04/06 4:16 p.m.4 views

UBUNTU-CVE-2026-34380

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in undopxr24impl in src/lib/OpenEXRCore/internalpxr24.c at line 377. The...

5.9CVSS5.8AI score0.00255EPSS
Exploits1References11
Cvelist
Cvelist
added 2026/03/24 2:42 p.m.59 views

CVE-2026-4775 Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

7.8CVSS0.00553EPSS
Exploits0References29
RedHat Linux
RedHat Linux
added 2026/02/26 4:25 a.m.11 views

kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

A flaw was found in the Linux kernel’s TCP implementation in the function tcpaddbacklog. When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer skrcvbuf, the send buffer sksndbuf, and a fixed constant may exceed the maximum value of a signed integer due to...

5.9AI score0.00168EPSS
Exploits0References5
NVD
NVD
added 2026/02/25 3:20 p.m.10 views

CVE-2026-27691

iccDEV provides a set of libraries and tools for working with ICC color management profiles. In versions up to and including 2.3.1.4, signed integer overflow in iccFromCube.cpp during multiplication triggers undefined behavior, potentially causing crashes or incorrect ICC profile generation when...

6.2CVSS0.0016EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/02/25 3:20 p.m.6 views

kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

A flaw was found in the Linux kernel’s TCP implementation in the function tcpaddbacklog. When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer skrcvbuf, the send buffer sksndbuf, and a fixed constant may exceed the maximum value of a signed integer due to...

5.9AI score0.00168EPSS
Exploits0References5
Rows per page
Query Builder