62 matches found

CNNVD
added 2026/05/28 12:0 a.m., 8 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a potential overflow of message boundary checks in the drm/amdgpu/vcn4 code...

AI score: 5.9, EPSS: 0.00013
Exploits: 0, References: 5

Positive Technologies
added 2026/05/12 12:0 a.m., 13 views

PT-2026-40454

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array (VLA) on the stack whose size is derived from an attacker-controlled HTTP head...

CVSS: 9.8, AI score: 6.2, EPSS: 0.00571
Exploits: 1, References: 2

Tenable Nessus
added 2026/05/05 12:0 a.m., 6 views

RHEL 9 : firefox (RHSA-2026:13582)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13582 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

CVSS: 9.8, AI score: 6.5, EPSS: 0.01052
Exploits: 1, References: 12

AstraLinux
added 2026/05/03 11:59 p.m., 7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The payload size has been sanitized to prevent member overflow. In functions qla27xx_copy_fpin_pkt() and qla27xx_copy_multiple_pkt(), the frame_size reported by the firmware is used to calculate the copy length for the...

AI score: 5.4, EPSS: 0.00168
Exploits: 0, References: 1

OSV
added 2026/04/14 2:17 p.m., 6 views

CLSA-2026-1776176227 glibc: Fix of 2 CVEs

- CVE-2026-4437: fix incorrect record counting in getanswerptr that allowed iteration past the answer section boundary in DNS responses
- CVE-2026-4438: fix hostname validation checking expectedname instead of namebuffer in getanswerptr, which could return invalid hostnames...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00292
Exploits: 2, References: 1

RedHat Linux
added 2026/04/13 10:52 a.m., 6 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...

CVSS: 9.6, AI score: 7.2, EPSS: 0.006
Exploits: 0, References: 6

Tenable Nessus
added 2026/04/13 12:0 a.m., 3 views

RHEL 9 : firefox (RHSA-2026:7671)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7671 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01052
Exploits: 1, References: 12

UbuntuCve
added 2026/04/07 1:16 p.m., 5 views

CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...

CVSS: 8.8, AI score: 5.9, EPSS: 0.00265
Exploits: 0, References: 9

AlpineLinux
added 2026/04/07 12:43 p.m., 4 views

CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00265
Exploits: 0, References: 5

ATTACKERKB
added 2026/04/07 12:43 p.m., 6 views

CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00265
Exploits: 0, References: 6

Tenable Nessus
added 2026/04/07 12:0 a.m., 1 views

Mozilla Thunderbird < 140.9.1

The version of Thunderbird installed on the remote Windows host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-29 advisory. - Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00337
Exploits: 0, References: 4

Tenable Nessus
added 2026/04/07 12:0 a.m., 2 views

Mozilla Firefox ESR < 140.9.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.9.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-27 advisory. - Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0,...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00337
Exploits: 0, References: 4

Tenable Nessus
added 2026/03/26 12:0 a.m., 9 views

RHEL 10 : firefox (RHSA-2026:5931)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:5931 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVSS: 10, AI score: 7.3, EPSS: 0.00676
Exploits: 0, References: 76

Redos
added 2026/01/19 12:0 a.m., 4 views

ROS-20260119-7346

A vulnerability in the drivers/ata/libata-sff.c component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to violate data integrity and also cause a denial of service...

CVSS: 5.5, AI score: 8.1, EPSS: 0.00192
Exploits: 0

BDU FSTEC
added 2025/07/30 12:0 a.m., 5 views

The vulnerability of the dma_unmap_len_set() function in the bnxt_en component of the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the dma_unmap_len_set() function in the bnxt_en component of the Linux operating system’s kernel is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain increased privileges...

CVSS: 7, AI score: 6.7, EPSS: 0.0017
Exploits: 0, References: 19, Affected Software: 8

BDU FSTEC
added 2025/07/09 12:0 a.m., 5 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin in IrfanView, a program for viewing and playing graphic, video, and audio files, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code using specially...

CVSS: 7.8, AI score: 8, EPSS: 0.0022
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2025/06/16 12:0 a.m., 4 views

The vulnerability of the HTTP server in the firmware of Sangoma IMG 2020 integrated media servers allows a perpetrator to execute arbitrary code.

The vulnerability of the HTTP server in the firmware of Sangoma IMG 2020 integrated media servers relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS: 10, AI score: 6.3, EPSS: 0.01062
Exploits: 2, References: 4, Affected Software: 1

BDU FSTEC
added 2025/06/05 12:0 a.m., 5 views

The vulnerability of the cacheinfo component in the Linux operating system’s kernel allows a hacker to influence the confidentiality, integrity, and availability of the protected information.

The vulnerability of the cacheinfo component in the Linux operating system’s kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...

CVSS: 7.8, AI score: 7.4, EPSS: 0.00253
Exploits: 0, References: 19, Affected Software: 9

CNNVD
added 2025/02/26 12:0 a.m., 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an access in dm raid that exceeds a raid member array boundary...

CVSS: 7.1, AI score: 6.1, EPSS: 0.00277
Exploits: 0, References: 8

BDU FSTEC
added 2025/02/13 12:0 a.m., 4 views

The vulnerability of the 7Z File Parser component, an archive file processor for the WinZip archive manager, allows a hacker to execute arbitrary code.

The vulnerability of the 7Z File Parser component, an archive file processor for the WinZip archive manager, is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, by sending a...

CVSS: 7.8, AI score: 8.1, EPSS: 0.09694
Exploits: 0, References: 6, Affected Software: 1