CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

CVE-2026-48101 GHSL-2026-117: 7-Zip UEFI Capsule uninitialized heap memory disclosure

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule .scap parser in 7-Zip. The OpenCapsule function allocates a heap buffer of attacker-declared CapsuleImageSize up to 1 GiB without...

UBUNTU-CVE-2026-43368

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential overflow of shmem scatterlist length When a scatterlists table of a GEM shmem object of size 4 GB or more is populated with pages allocated from a folio, unsigned int .length attribute of a scatterlist may...

PT-2026-31875

Name of the Vulnerable Software and Affected Versions wolfCrypt affected versions not specified Description An integer overflow in the wolfCrypt CMAC implementation could allow for the forging of CMAC tags. The wc CmacUpdate function incorrectly skipped XOR-chaining on the first block due to a...

SUSE CVE-2022-49030

In the Linux kernel, the following vulnerability has been resolved: libbpf: Handle size overflow for ringbuf mmap The maximum size of ringbuf is 2GB on x86-64 host, so 2 maxentries will overflow u32 when mapping producer page and data pages. Only casting maxentries to sizet is not enough, because...

CLSA-2022-1668705928 httpd: Fix of 2 CVEs

CVE-2022-28614: handle large writes in aprputs - CVE-2022-29404: use a liberal default limit for LimitRequestBody of 1GB...