4 matches found
CVE-2026-40863
CVE-2026-40863 affects PhpSpreadsheet’s SpreadsheetML XML reader. An attacker can craft an XML with an oversized ss:Index (e.g., 999999999) on a , inflating the internal cachedHighestRow to ~1 billion and causing CPU exhaustion during row iteration. This leads to denial of service when processing...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005146)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005146 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in...
SUSE CVE-2025-38568
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
jq: jq has signed integer overflow in jv.c:jvp_array_write
A flaw was found in jq, a command line JSON processor. An integer overflow can occur when attempting to assign a value using an array index of 2147483647 or when creating an array with 2147483647 elements, the maximum value for a 32-bit signed integer. This issue causes out-of-bounds memory acces...