ROS-20260526-73-0007

A vulnerability in the lzmaindexappend function of the XZ Utils data compression package is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260524-73-0033

A vulnerability in the vim text editor is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260520-73-0011

A vulnerability in the WebAudio component of Google Chrome and Microsoft Edge browsers is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...

ROS-20260520-73-0060

A vulnerability in the Google Chrome web browser is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

ROS-20260520-73-0023

A vulnerability in the PDFium component of Google Chrome and Microsoft Edge browsers is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted PDF file...

CVE-2023-31309

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

ROS-20260515-73-0048

A vulnerability in the Skia graphics library of Google Chrome browser is associated with a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information...

CVE-2026-43138

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: suppress bind attributes in sysfs This is a special device that's created dynamically and is supposed to stay in memory forever. We also currently don't have a devlink between it and the actual reset consumer. Suppre...

ROS-20260429-73-0011

A vulnerability in the pgtrgm component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

ROS-20260429-73-0030

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0024

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0025

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0029

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260429-73-0012

A vulnerability in the pgtrgm component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges...

ROS-20260429-73-0026

A vulnerability in the pgcrypto component of the PostgreSQL database management system is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

ROS-20260424-73-0002

Vulnerability in gimp related to buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

PT-2026-34383

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2 len with offsetof in smb2 calc max out buf len After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", response buffer management was changed to use dynamic iov array. In the new desig...

CVE-2026-5450 scanf %mc off-by-one heap buffer overflow

Calling the scanf family of functions with a %mc malloc'd character match in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow...

UBUNTU-CVE-2026-23467

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

CVE-2026-30873

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...