CLSA-2026-1779493861 postgresql: Fix of 6 CVEs

CVE-2026-6473: use pallocarray in hstoreplperl/hstoreplpython to avoid integer overflow on 32-bit systems - CVE-2026-6474: guard pgstrftime callers against unsafe conditions and ensure null-terminated output to prevent format-string leak via crafted timezone names - CVE-2026-6475: prevent path...

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client, related to copying buffers without checking the size of the input data, allows attackers to execute arbitrary code.

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created website...

The vulnerability of the slice_segment_header() function in the Libde265 video codec implementation allows a hacker to cause a service failure.

The vulnerability of the slicesegmentheader function in the Libde265 video codec implementation is related to the copying of buffers without checking the input size. Exploiting this vulnerability could allow an attacker to cause service interruptions...

Out-of-bounds Read

onnx is vulnerable to an Out-of-bounds Read. The vulnerability is due to missing buffer size checks which results in an off by one string copy within the ONNXASSERT and ONNXASSERTM functions...

The vulnerability of the `composite_dev_prepare()` function in the `drivers/usb/gadget/function/f_accessory.c` file of the USBFS file system driver for the Android operating system’s kernel allows a hacker to escalate their privileges.

The vulnerability of the compositedevprepare function in the drivers/usb/gadget/function/faccessory.c file of the USBFS file system driver for the Android operating system’s kernel is related to the lack of checks on buffer size. Exploiting this vulnerability could allow an attacker to increase...

The vulnerability of the implementation of the AMD Secure Encrypted Virtualization-Encrypted State (SEV-ES) technology in microprogramming-based CPU software arises from copying buffers without checking the size of the input data. This allows attackers to disclose protected information.

The vulnerability of the AMD Secure Encrypted Virtualization-Encrypted State SEV-ES technology implementation in microprogramming-based CPU software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to disclose protected...

The vulnerability of the xrdp_login_wnd_create() function on the XRDP server allows a hacker to execute arbitrary code.

The vulnerability of the xrdploginwndcreate function on the XRDP server is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the utf_head_off() function in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the utfheadoff function in the Vim text editor is related to the lack of checks for buffer size and reading beyond the memory limit. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CVE-2022-28787

Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic...

CVE-2022-28788

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic...

The vulnerability of the DIAG Mode implementation in Qualcomm’s embedded software allows a perpetrator to execute arbitrary code or cause malfunctions during maintenance operations.

The vulnerability of the DIAG Mode implementation in Qualcomm’s embedded software lies in the lack of checks for buffer size during array indexing. Exploiting this vulnerability can allow attackers to execute arbitrary code or cause system failures...

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules arises from copying buffers without checking the size of the input data. This allows attackers to exploit their privileges.

The vulnerability of microprogrammed software in server boards, server systems, and Intel computing modules is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability in the implementation of the Network Driver Interface Standard (NDIS) on Windows operating systems allows a hacker to increase their privileges.

The vulnerability in the implementation of the Network Driver Interface Standard NDIS for Windows operating systems exists due to the lack of checks for buffer size. Exploiting this vulnerability can allow an attacker to increase their privileges through a specially created application...

The vulnerability of the message transfer interface (Qualcomm Trusted Execution Environment) of the Android operating system, which allows a perpetrator to execute arbitrary code

The vulnerability of the message transfer interface Qualcomm Trusted Execution Environment, TEE in the Android operating system is related to improper checking of buffer sizes. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the ioctl() function in the QBT1000 driver in Android operating systems, for MSM, Firefox OS for MSM, QRD Android, and Android from the CAF repository, allows a hacker to trigger buffer overflows.

The vulnerability of the ioctl function in QBT1000 drivers in Android operating systems, for MSM, Firefox OS for MSM, QRD Android, and Android from the CAF repository, is related to deficiencies in buffer size checking. Exploiting this vulnerability can allow a local attacker to trigger buffer...

The vulnerability of the Keymaster component of the Android operating system from the CAF repository allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Keymaster component of the Android operating system from the CAF repository is related to the lack of checks on buffer size. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Android operating system from the CAF repository exists due to the lack of checks on buffer size, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android operating system from the CAF repository arises from the lack of checks for buffer sizes in mechanisms designed to protect against malicious software. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system arises from incorrect checking of buffer size. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges...

Fedora 17 : php-pecl-radius-1.2.7-1.fc17 (2013-11992)

Version 1.2.7 - Fix a security issue in radiusgetvendorattr by enforcing checks of the VSA length field against the buffer size. Adam Version 1.2.6 - Support added for PHP 5.4 and 5.5. Johannes - Fixed bug 60885 Radius module causing Apache segmentation fault. Adam - Fixed a crash when calling...