1447 matches found
CVE-2026-5089 YAML::Syck versions before 1.38 for Perl has an out-of-bounds read
YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the inner while loop...
CVE-2026-5089
YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the inner while loop...
YAML::Syck 安全漏洞
YAML::Syck is a Perl library open-sourced by CPAN authors. Versions of YAML::Syck prior to 1.38 contained security vulnerabilities. These vulnerabilities stemmed from the base60 parsing code in perlsyck.h, which experienced a buffer underflow. When processing the leftmost segment of colon-separat...
PT-2026-40106
Name of the Vulnerable Software and Affected Versions YAML::Syck versions prior to 1.38 Description An out-of-bounds read exists in the base60 sexagesimal parsing code within perl syck.h. Specifically, the intbase60 and floatbase60 handlers contain a buffer underflow bug. When processing the...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...
Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...
RHEL 9 : glib2 (RHSA-2026:15971)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:15971 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
CLSA-2026-1778219103 glib2: Fix of CVE-2025-4373
CVE-2025-4373 fix buffer underflow in gstringinsertunichar and other GString APIs by carefully handling gssize parameters in glib/gstring.c...
JLSEC-2026-488 A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap...
A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings...
capstone: Capstone: Memory corruption via unchecked vsnprintf return
A flaw was found in Capstone, a disassembly framework. An unchecked return value from vsnprintf within the SStreamconcat function allows a malicious input to manipulate the internal stream index. This can lead to a stack buffer underflow or overflow, potentially enabling a local attacker to achie...
SUSE SLES16 Security Update : libssh (SUSE-SU-2026:21428-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21428-1 advisory. - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible...
Astra Linux – Vulnerability in exempi
The XMP Toolkit version 2020.1 and earlier versions is affected by a Buffer Underflow vulnerability, which could lead to the execution of arbitrary code in the context of the current user. Exploiting this issue requires user interaction, as the victim must open a malicious file...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fixed an issue where the data length of the skb structure was underflowed. A BUGON will be triggered in include/linux/skbuff.h, resulting in intermittent kernel panics when a length underflow is detected. This issu...
openSUSE 16 Security Update : libssh (openSUSE-SU-2026:20647-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20647-1 advisory. - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible Denial of...
EUVD-2026-26604
In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fix array access with zero-length block read i2csmbusreadblockdata can return 0, indicating a zero-length read. When this happens, tps53679identifychip accesses bufret - 1 which is buf-1, reading one byte before t...
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...