Malwarebytes EDR 输入验证错误漏洞

Malwarebytes EDR is a terminal detection and response platform provided by the American company Malwarebytes. Version 1.0.11 of Malwarebytes EDR contains a vulnerability related to input validation. This vulnerability arises from truncating data exceeding 4GB during computing hash calculations,...

CVE-2026-46289

A flaw was found in the Linux kernel's lib/scatterlist component. Incorrect length calculations within the extractkvectosg function, when extracting data from a kvec to a scatterlist, could lead to writing beyond intended page boundaries. Additionally, when extracting a user buffer, the scatterli...

CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

ROS-20260605-73-0010

The vulnerability in ImageMagick is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20260605-73-0011

The vulnerability in ImageMagick7 is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20260605-73-0007

The vulnerability in ImageMagick7 is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20260605-73-0008

The vulnerability in ImageMagick is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20260605-73-0004

The vulnerability in ImageMagick is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20260605-73-0009

The vulnerability in ImageMagick7 is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20260605-73-0016

The vulnerability in ImageMagick is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

ROS-20260605-73-0017

The vulnerability in ImageMagick7 is related to incorrect calculations. Exploiting this vulnerability can allow an attacker to cause a service failure...

USN-8282-2 unbound vulnerabilities

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Andr...

USN-8329-1: FFmpeg vulnerability

It was discovered that the FFmpeg CAF decoder incorrectly handled certain file size calculations. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent calculations of plane dimensions in the drm/gem mechanism. This vulnerability may lead to...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the connection cleanup limits in the netfilter nfconncount module. This issue may cause the number of...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mapdirectvalueaddr function in the instruction array adding an offset incorrectly, potentiall...

Degradation of service with unbounded NSEC3 hash calculations

...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

ALPINE-CVE-2026-42923

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...

CVE-2026-42923

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...