kernel: crypto: algif_aead - Revert to operating out-of-place

A flaw was found in the Linux kernel's algifaead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive...

EUVD-2026-30001

A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-42780

A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K000149743: BIG-IP SSL Orchestrator vulnerability CVE-2026-42780

Security Advisory Description A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files. CVE-2026-42780 Impact An authenticated attacker with high privilege may exploit this...

CLSA-2026-1778660100 binutils: Fix of CVE-2022-48063

CVE-2022-48063: fix excessive memory allocation in loadspecificdebugsection for corrupt ELF...

PT-2026-40672

Name of the Vulnerable Software and Affected Versions BIG-IP SSL Orchestrator affected versions not specified Description A directory traversal issue allows an authenticated attacker with high privileges to overwrite, delete, or corrupt arbitrary local files. Directory traversal is a flaw that...

EUVD-2026-28671

In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized liclogroundoff values If the superblock doesn't list a log stripe unit, we set the incore log roundoff value to 512. This leads to corrupt logs and unmountable filesystems in generic/617 on a disk with 4k...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A NULL pointer dereference issue was discovered in the gfs2 file system within the Linux kernel. This issue occurs in corrupted gfs2 file systems when the evict code attempts to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could explo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corruptbiobyte feature Fix memory corruption due to incorrect parameter being passed to bioinit...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than EXT4FCTAGBASELEN which will lead to out of bound read when mounting corrupt file...

CLSA-2026-1777683582 mysql: Fix of CVE-2018-2755

CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...

CLSA-2026-1777538840 mysql: Fix of CVE-2018-2755

CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...

CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

UBUNTU-CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CLSA-2026-1777308938 gdb: Fix of CVE-2019-1010180

CVE-2019-1010180: add warning for corrupt ELF section size larger than file...

sqlite: Fix of CVE-2018-8740

CVE-2018-8740: avoid a NULL pointer dereference when the sqlitemaster schema contains a corrupt CREATE TABLE AS entry...

CLSA-2026-1777052042 sqlite: Fix of CVE-2018-8740

CVE-2018-8740: avoid a NULL pointer dereference when the sqlitemaster schema contains a corrupt CREATE TABLE AS entry...

CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

CVE-2026-3470

A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database...

EVerest 竞争条件问题漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contained a race condition vulnerability, which was caused by data competition and could lead to corrupted containers or optional values...