5777 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pillow (UTSA-2026-016601)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016601 advisory. pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. Tenable has extracted the preceding description block...
CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
CVE-2026-42627
Arm NN contains a vulnerability up to version 2026-03-27 where an integer overflow in TensorShape::GetNumElements() (armnn/Tensor.cpp) allows a crafted TFLite model to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multi...
PT-2026-42819
Name of the Vulnerable Software and Affected Versions Arm ArmNN versions prior to 2026-03-28 Description An integer overflow exists in the TensorShape::GetNumElements function within armnn/Tensor.cpp. This occurs when tensor dimensions are multiplied using 32-bit unsigned arithmetic without...
CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
PT-2026-42814
Name of the Vulnerable Software and Affected Versions ImageMagick affected versions not specified Description An attacker capable of connecting to a magick -distribute-cache service can trigger a heap buffer over-read in the server process. A heap buffer over-read occurs when a program reads data...
Astra Linux - уязвимость в gst-plugins-good1.0
In GStreamer through 1.26.1, the isomp4 plugin’s qtdemuxparsetrak function may read past the end of a heap buffer while parsing an MP4 file, potentially leading to information disclosure...
Astra Linux - уязвимость в libssh2
The vulnerability of the libssh2ntohu32 function in the SSH2 protocol implementation library Libssh2 involves reading data beyond the allowable buffer size. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and also cause service failures...
Astra Linux - уязвимость в memcached
In memcached 1.5.16, when UNIX sockets are used, there is a stack-based buffer over-read issue in the conntostr function in memcached.c...
Astra Linux - уязвимость в binutils
A heap-based buffer overflow issue was discovered in the secmergehashlookup function in merge.c within the Binary File Descriptor BFD library also known as libbfd, as part of the GNU Binutils 2.31. This issue arises due to bfdaddmergesection improperly handling section merges when the size is not...
Astra Linux - уязвимость в opensc
A vulnerability was discovered in OpenSC. This security flaw causes a buffer overflow vulnerability in the cardoshaveverifyrcpackage function. An attacker can provide a smart card package with malformed ASN1 data. The cardoshaveverifyrcpackage function scans the ASN1 buffer for two tags, but the...
Astra Linux - уязвимость в glibc
The iconv feature in the GNU C Library also known as glibc or libc6, up to version 2.32, may have a buffer over-read issue when processing invalid multi-byte input sequences in the EUC-KR encoding...
Astra Linux - уязвимость в krb5
The vulnerability of the getmechset function in the spnegomech.c component of the Kerberos authentication protocol is related to reading data from within a permissible buffer size. Exploiting this vulnerability allows an attacker to cause service failures...
Astra Linux - уязвимость в fly-wm
The vulnerability of the fly-wm window graphical manager is related to reading data beyond the allowable buffer limit. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в aspell
The libaspell.a module in GNU Aspell prior to version 0.60.8 has a stack-based buffer overflow issue in the common::unescape function within common/getdata.cpp, caused by an isolated \ character...
Astra Linux - уязвимость в exiv2
In Exiv2 0.27.99.0, the PngImage::readMetadata function in the pngimage.cpp file allows attackers to cause a denial of service heap-based buffer over-read through a crafted image file...
Astra Linux - уязвимость в libstb
stbimage.h also known as the stb image loader version 2.23 has a heap-based buffer overflow issue in stbitgaload, which can lead to information disclosure or denial of service...
Astra Linux - уязвимость в bind9
In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of the Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and...
Astra Linux - уязвимость в pillow
In Pillow before 8.1.0, PcxDecode has a buffer over-reading issue when decoding a crafted PCX file, because the user-supplied stride value is trusted for buffer calculations...
Astra Linux - уязвимость в vim
Buffer over-reading in the GitHub repository vim/vim before version 8.2.4974...