CVE-2026-49510

Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks. This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f...

CVE-2026-49510

CVE-2026-49510 is a vulnerability in Samsung Open Source rlottie caused by an integer overflow/wraparound . Affected: rlottie before 21292665023e5074b38254432716866d00f1985f. Root cause: integer overflow in the Open Source rlottie code. Impact per CVSS: confidentiality NONE, integrity LOW, availa...

OESA-2026-2479 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of validation of the dacloffset value in the smb client. Malicious servers can return a...

UBUNTU-CVE-2026-46062

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix integer overflow in rununpack volume boundary check The volume boundary check lcn + len sbi-used.bitmap.nbits uses raw addition which can wrap around for large lcn and len values, bypassing the validation. Use...

CVE-2026-38427

An issue in fetchjpg in xdrv10scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read...

OESA-2026-2414 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

OESA-2026-2413 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

OESA-2026-2382 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

OESA-2026-2381 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

CLSA-2026-1779389543 Fix of 6 CVEs

SECURITY UPDATE: integer wraparound on 32-bit systems in palloc callers - debian/patches/CVE-2026-6473.patch: integer wraparound on 32-bit systems in palloc callers - CVE-2026-6473 SECURITY UPDATE: format-string memory disclosure in timeofday via crafted timezones -...

SUSE CVE-2022-50299

In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf returns the number of characters generated from...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ALSA: emu10k1: Fixed an out-of-bounds access in sndemu10k1pcmchannelalloc The voice allocator sometimes begins allocating from near the end of the array, and then wraps around. However, the sndemu10k1pcmchannelalloc function...

Astra Linux - уязвимость в linux-5.10, linux

A issue was discovered in the Linux kernel through version 6.0.10. In the l2capconfigreq function within net/bluetooth/l2capcore.c, there is an integer wraparound occurring when processing L2CAPCONFREQ packets...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netlink: A flaw related to wraparounds of sk-skrmemalloc. This issue occurs in some parts of netlink. The flaw is as follows: If atomicread&sk-skrmemalloc sk-skrcvbuf, then atomicaddskb-truesize, &sk-skrmemalloc. This issue was...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: Check the packet for fixup for true limits. If a device sends a packet that lies between 0 and sizeofu64, the value passed to skbtrim as the packet length will wrap around, resulting in a very large value. The driver...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the compressed-token decoder process. An attacker can access sensitive memory contents, including environment variables, passwords, heap and stack data, and library memory pointers, by sending speciall...

Linux Distros Unpatched Vulnerability : CVE-2026-43341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabl...

Updated postgresql15 packages fix security vulnerabilities

PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege. CVE-2026-6472 PostgreSQL server undersizes allocations, via integer wraparound. CVE-2026-6473 PostgreSQL timeofday can disclose portions of server memory. CVE-2026-6474 PostgreSQL pgbasebackup and pgrewind can overwrite...

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...