506 matches found
PYSEC-2026-1954 Invalid char to bool conversion when printing a tensor
Impact When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. Patches We have patched the issu...
Invalid char to bool conversion when printing a tensor
ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...
PYSEC-2026-939 Invalid char to bool conversion when printing a tensor
Impact When printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. Patches We have patched the issu...
Invalid char to bool conversion when printing a tensor
ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the bdfchar process when attacker-controlled dimensions from a BDF font file are passed to Image.new without invoking the decompressionbombcheck function. An attacker can cause excessive...
EUVD-2026-40295
DBIx::QuickORM versions before 0.000026 for Perl allow SQL injection via unquoted SQL identifiers. The default SQL builder, a SQL::Abstract subclass, sets bindtype in its constructor but never quotechar, so SQL::Abstract emits identifiers verbatim. Caller-supplied identifiers orderby, where-claus...
DEBIAN-CVE-2026-56123
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...
CVE-2026-56123
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...
PT-2026-52504
Name of the Vulnerable Software and Affected Versions socat versions 1.8.0.0 through 1.8.1.1 Description A heap-based buffer overflow exists in the SOCKS5 DOMAINNAME reply parser during proxy connection setup. The issue stems from a sign-extension flaw where the domain name length byte is read as...
Important: Red Hat Security Advisory: 389-ds-base security, bug fix, and enhancement update
An update for 389-ds-base is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
BIT-APACHE-2026-44631 Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CVE-2026-44631 Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow
Buffer Underwrite vulnerability in Apache HTTP Server on crafted regular expressions in the configuration. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...
CLSA-2026-1779887887 Fix CVE(s): CVE-2026-7258
SECURITY UPDATE: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - debian/patches/CVE-2026-7258.patch: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - CVE-2026-7258...
CLSA-2026-1779121308 php: Fix of 3 CVEs
CVE-2026-7258: fix signed-char passing to ctype.h functions in urldecode and url parsing GHSA-m8rr-4c36-8gq4 - CVE-2026-7262: fix NULL check in tozvalmap using wrong variable xmlKey instead of xmlValue, causing crash in SOAP typemap decoding GHSA-hmxp-6pc4-f3vv - CVE-2026-7568: fix signed integer...
Astra Linux – Vulnerability in imagemagick
A flaw was discovered in ImageMagick, specifically in the files MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned char, and...
Astra Linux – Vulnerability in imagemagick
A vulnerability was discovered in ImageMagick, causing a value that is outside the representable range for the type ‘unsigned char’ at coders/psd.c, when crafted or untrusted input is processed. This results in a negative impact on the availability of the application or other problems related to...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: wmi: Fixed the issue of opening character devices Since the commit fa1f68db6ca7 “drivers: misc: passed the miscdevice pointer through file private data”, the miscdevice stores a pointer to itself within...
Astra Linux – Vulnerability in imagemagick
An integer overflow issue was discovered in ImageMagick’s ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values that are outside the representable range for ‘unsigned char’. When ImageMagick processes a specially crafted PDF file, this...
CLSA-2026-1779183103 vim: Fix of 6 CVEs
CVE-2021-3903: do not set VALIDBOTLINE in updatetopline when screen is invalid - CVE-2022-1616: tighten appendcommand loop bound + pre-write length check to avoid buffer overflow with composing chars - CVE-2022-2042: initialize attr in spellmoveto and capture emptyline before mlgetbuf invalidates...
CLSA-2026-1779125894 php: Fix of 7 CVEs
CVE-2026-7258: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - CVE-2026-6722: fix stale SOAPGLOBAL refmap pointer with Apache Map GHSA-85c2-q967-79q5 - CVE-2026-7259: fix null pointer dereference in phpmbcheckencoding via mberegsearchinit GHSA-wm6j-2649-pv75 -...