Vim Buffer Error Vulnerability
Vim is an open-source, cross-platform text editor developed by Vim. Versions of Vim prior to 9.2.0565 contained a buffer error vulnerability. This vulnerability stemmed from the update_snapshot function, which performed a copy of the visible terminal screen into the scroll buffer. During this...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a resource management vulnerability, which stemmed from a reuse issue in the Autofill component. This vulnerability could allow remote attackers to exploit heap corruption through...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-8412-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8412-1 advisory. Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly...
openSUSE 16 Security Update : syft (openSUSE-SU-2026:20928-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2026:20928-1 advisory. Changes in syft: - Update to version 1.45.0: Added Features - Add support for ZapAddOns as jar files 4654 4932 @douglasclarke - MySQL binary classifier...
PT-2026-48662
Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in keras/src/utils/file_utils.py. The functions filter_safe_tarinfos and filter_safe_zipinfos validate archive member paths against the process's current working directory (CWD) instead...
CVE-2026-42305
Dulwich is a pure-Python implementation of the Git file formats and protocols. Versions starting with 0.10.0 and prior to 1.2.5 have an arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's path-element validator accept...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: mariadb10.11: mariadb10.11-10.11.18-1.hum1 aarch64, x86_64 mariadb10.11-backup-10.11.18-1.hum1 aarch64, x86_64 mariadb10.11-client-utils-10.11.18-1.hum1 noarch mariadb10.11-common-10.11.18-1.hum1...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: mariadb11.8: mariadb-11.8.8-1.hum1 aarch64, x86_64 mariadb-backup-11.8.8-1.hum1 aarch64, x86_64 mariadb-client-utils-11.8.8-1.hum1 noarch mariadb-common-11.8.8-1.hum1 noarch...
CVE-2026-53465
ImageMagick (affected prior to 7.1.2-25) contains a heap buffer overwrite in the SF3 encoder when encoding a multi-frame image. The issue, tracked as CVE-2026-53465, can impact availability (HIGH) with little-to-no confidentiality or integrity impact as per the provided metrics. The root cause is...
CVE-2026-53461
ImageMagick contains an out-of-bounds heap write in the ICON decoder caused by an incorrect loop, affecting releases before 6.9.13-50 and 7.1.2-25. The vulnerability can lead to a crash (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is rated HIGH with network exploitation and no user interaction requi...
kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()
In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() If the osdmap is maliciously corrupted such that the incremental osdmap epoch is different from what is expected, there is no need to BUG. Instead, just declare the...
CVE-2026-46521
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when using LZMA compression in the MIFF encoder an out of bounds write can occur due to a missing check. This issue has been patched in versions 6.9.13-48 and...
CVE-2026-46520
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23...
CVE-2026-46522 ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: cosign: cosign-3.1.1-0.1.hum1 aarch64, x86_64 cosign-3.1.1-0.1.hum1.src src...
CVE-2026-45358
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an off by one in the meta encoder could result in an out of bounds read of a single byte in the meta encoder. This issue has been patched in versions 6.9.13-47...
Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: syft: syft-1.45.1-0.1.hum1 aarch64, x86_64 syft-1.45.1-0.1.hum1.src src...
EUVD-2026-36111
Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a URL or an HTML page. Prior to version 1.7.1, on POSIX, escapeshellarg('/usr/bin/wkhtmltopdf') returns the literal string '/usr/bin/wkhtmltopdf' with the single-quote characters included. is_executable then looks for a file...
CVE-2026-46643
CVE-2026-46643 affects KnpLabs Snappy (knplabs/knp-snappy) on POSIX, where escapeshellarg('/usr/bin/wkhtmltopdf') may still leave $command unescaped due to a faulty is_executable check. This allows command execution when the binary path is influenced by user input or environment data, as the saf...