postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

Oracle Linux 8 : kernel (ELSA-2026-27353)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27353 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177582 CVE-2026-46331 - net/sched: actpedit: free pedit keys on...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the IEEE80211P2PATTROPERCHANNEL in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file within the WILC1000 wireless driver can lead to a out-of-bounds write when parsing the channel list attribute from...

Important: kernel-rt security, bug fix, and enhancement update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kerne...

Linux Distros Unpatched Vulnerability : CVE-2026-53701

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing o...

EUVD-2026-35202

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

Linux Distros Unpatched Vulnerability : CVE-2026-9669

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor,...

CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

JLSEC-2026-601

Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...

PT-2026-47453

Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description bz2.BZ2Decompressor objects can be reused following a decompression error. If an application catches the resulting OSError and attempts to retry using the same decompressor, specially crafted...

Graphite-Web 数字错误漏洞

Graphite-Web is a highly scalable real-time plotting system developed by the Graphite Project. Versions of Graphite-Web prior to 1.3.15 contained a numerical error vulnerability. This vulnerability stemmed from integer underflow and out-of-bounds writes, as slotat did not ensure that the offset w...

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...

RUSTSEC-2026-0151 Out-of-bounds writes due to integer overflow in jxl-grid on 32-bit platforms

On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation. This could allow arbitrary code execution. Details & PoC The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid Or you can use...

FreeRDP 缓冲区错误漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.26.0 contained a buffer error vulnerability. This vulnerability stemmed from the plane bitmap decoder’s inability to prevent out-of-bounds write-ups during RLE plane data decoding...

NVIDIA Display Driver 缓冲区错误漏洞

NVIDIA Display Driver is a graphics driver developed by NVIDIA Corporation. NVIDIA Display Driver has a buffer error vulnerability, which can lead to out-of-bounds write attacks, potentially causing denial of service, privilege escalation, information leakage, data corruption, and code execution...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions, a malicious server may trigger out-of-bound writes in a connected client. Connections that use GDI or SurfaceCommands to send graphics updates to the client may send...

CLSA-2026-1779101894 opensc: Fix of CVE-2023-40661

CVE-2023-40661: fix multiple smartcard pkcs15init buffer overflows, underflows and out-of-bounds writes scpkcs15initrmdir, setcoscreatekey, cosmnewfile, cosmcreatekey, scpkcs15getlastupdate, iasecc-sdo, entersafe, epass2003 keygen...