256 matches found
openSUSE 16 Security Update : python-Pillow (openSUSE-SU-2026:20831-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20831-1 advisory. This update for python-Pillow fixes the following issues - CVE-2026-42308: integer overflow in font processing can lead to denial of service...
OPENSUSE-SU-2026:20831-1 Security update for python-Pillow
This update for python-Pillow fixes the following issues: - CVE-2026-42308: integer overflow in font processing can lead to denial of service (bsc#1265359). - CVE-2026-42309: heap buffer overflow when processing nested list coordinates (bsc#1265153). - CVE-2026-42310: infinite loop and resource exhausti...
Security update for python-Pillow
This update for python-Pillow fixes the following issue: CVE-2026-42308: integer overflow in font processing can lead to denial of service (bsc#1265359). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternative...
SUSE-SU-2026:2004-1 Security update for python-Pillow
This update for python-Pillow fixes the following issue: - CVE-2026-42308: integer overflow in font processing can lead to denial of service (bsc#1265359)...
BIT-PILLOW-2026-42308 Pillow: Integer overflow when processing fonts
Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceedingly large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...
GHSA-WJX4-4JCJ-G98J Pillow has an integer overflow when processing fonts
If a font advances for each glyph by an exceedingly large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This has been fixed...
CVE-2026-5314
A flaw was found in Nothings stb, specifically within the stbtt_InitFont_internal function in the stb_truetype.h library. A remote attacker can exploit this vulnerability by performing a manipulation that leads to an out-of-bounds read. This can result in a Denial of Service (DoS), making the affected...
Canon Printers Multiple Vulnerabilities (CP2026-001)
Multiple vulnerabilities have been identified for certain Canon Small Office Multifunction Printers and Laser Printers. SPDX-FileCopyrightText: 2026 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
CVE-2025-14235
Canon Small Office Multifunction Printers and Laser Printers are affected by CVE-2025-14235 due to a buffer overflow in XPS font fpgm data processing. A remote attacker on the network could trigger a crash or arbitrary code execution. Affected firmware: v06.02 and earlier across listed models (Ja...
CVE-2021-31013
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. Processing a maliciously crafted font may result in the disclosure of process memory...
EUVD-2021-17748
Malware in sbrugna...
EUVD-2020-21985
Malware in sbrugna...
EUVD-2020-20424
Malware in sbrugna...
EUVD-2018-16679
Malware in sbrugna...
EUVD-2019-8932
Malware in sbrugna...
EUVD-2005-0061
Malware in sbrugna...
EUVD-2020-24076
Malware in sbrugna...
EUVD-2018-16678
Malware in sbrugna...
A week in security (September 29 – October 5)
Last week on Malwarebytes Labs: From threats to apology, hackers pull child data offline after public backlash; Your Meta AI conversations may come back as ads in your feed; Scam Facebook groups send malicious Android malware to seniors; Sendit tricked kids, harvested their data, and faked messages,...
EUVD-2024-51024
Malicious code in bioql PyPI...