
70 matches found

Positive Technologies
added 2 days ago, 7 views

PT-2026-45870

Name of the Vulnerable Software and Affected Versions openSeaChest version 25.05.3 Description Out of bounds write and read operations occur when using the --showSCSIDefects command. This issue allows for writing defect information out of bounds when processing very large defect lists, which can ...

CVSS 1.8 | AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 4

NVD
added 6 days ago, 8 views

CVE-2026-46599

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

CVSS 7.5 | EPSS 0.00042
Exploits: 0 | References: 4

Debian CVE
added 2026/05/22 2:31 a.m., 3 views

CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

CVSS 9.1 | AI score 5.9 | EPSS 0.00054
Exploits: 0

EUVD
added 2026/05/06 12:30 p.m., 2 views

EUVD-2026-27677

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

AI score 5.9 | EPSS 0.00013
Exploits: 0 | References: 8

EUVD
added 2026/05/06 12:30 p.m., 3 views

EUVD-2026-27560

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2_write_end_inline KASAN reports a use-after-free write of 4086 bytes in ocfs2_write_end_inline, called from ocfs2_write_end_nolock during a copy_file_range splice fallback on a corrupted ocfs2 filesyst...

AI score 5.8 | EPSS 0.00013
Exploits: 0 | References: 6

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ca8210: Fix for negative array access to mac_len This patch addresses a buffer overflow issue where skb->data is accessed if ieee802154_hdr_peek_addrs fails...

CVSS 5.5 | AI score 6.3 | EPSS 0.00055
Exploits: 0 | References: 2

RedHat Linux
added 2026/04/20 4:13 a.m., 5 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

CVSS 7.8 | AI score 7.7 | EPSS 0.00041
Exploits: 0 | References: 6

EUVD
added 2026/02/03 7:26 p.m., 4 views

EUVD-2025-206666

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An unauthenticated sender can transmit a single malformed RTPS...

CVSS 9.2 | AI score 5.9 | EPSS 0.0003
Exploits: 0 | References: 4

ATTACKERKB
added 2026/01/28 3:33 p.m., 2 views

CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

CVSS 8.8 | AI score 6 | EPSS 0.00022
Exploits: 0 | References: 2

CVE
added 2026/01/28 3:33 p.m., 7 views

CVE-2025-58150

CVE-2025-58150 affects the Xen hypervisor (shadow mode tracing code) where per-CPU variables are written with guest-controlled data. The writes can exceed the destination variable, and bounding is missing, enabling memory corruption. Public advisories (XSA-477) and multiple distro updates (Fedora...

CVSS 8.8 | AI score 6 | EPSS 0.00022
Exploits: 0 | References: 3 | Affected Software: 1

CNNVD
added 2026/01/28 12:00 a.m., 2 views

Xen security vulnerabilities

Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has security vulnerabilities; these...

CVSS 8.8 | AI score 5.8 | EPSS 0.00022
Exploits: 0 | References: 4

CVE
added 2026/01/20 8:41 p.m., 8 views

CVE-2025-59465

CVE-2025-59465 is observed affecting Node.js packages across multiple Amazon Linux and Fedora advisories. The issue concerns Node.js HTTP/2 server handling of malformed HEADERS frames with oversized HPACK data, leading to a crash via an unhandled TLSSocket error (ECONNRESET) and remote DoS. Affec...

CVSS 7.5 | AI score 5.5 | EPSS 0.00109
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2026/01/15 11:38 p.m., 2 views

CVE-2025-14235

Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06....

CVSS 9.8 | AI score 7.4 | EPSS 0.00077
Exploits: 0 | References: 4

ATTACKERKB
added 2026/01/15 11:38 p.m., 2 views

CVE-2025-14235

Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. : Satera LBP670C Series/Satera MF750C Series firmware v06....

CVSS 9.8 | AI score 6 | EPSS 0.00077
Exploits: 0 | References: 5 | Affected Software: 21

Tenable Nessus
added 2026/01/07 12:00 a.m., 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000519)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000519 advisory. An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that ca...

CVSS 4.9 | AI score 6.7 | EPSS 0.00046
Exploits: 1 | References: 4

Tenable Nessus
added 2025/12/30 12:00 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992404 advisory. In the Linux kernel, the following vulnerability has been resolved: ca8210: fix mac_len negative array access This patch fixes a buffer overflow access of skb->data if...

CVSS 5.5 | AI score 6.4 | EPSS 0.00055
Exploits: 0 | References: 4

Tenable Nessus
added 2025/11/18 12:00 a.m., 2 views

Mozilla Firefox < 61.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 61.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-15 advisory. - Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David...

CVSS 9.8 | AI score 8.3 | EPSS 0.04919
Exploits: 3 | References: 19

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2016-1571

Malware in sbrugna...

CVSS 9.3 | AI score 7.9 | EPSS 0.00035
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2018-18099

Malware in sbrugna...

CVSS 9.8 | AI score 9.5 | EPSS 0.00433
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:07 p.m., 1 views

EUVD-2023-33286

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.6 | EPSS 0.00253
Exploits: 1 | References: 4