CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

EUVD-2026-33419

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

CVE-2026-42500

CVE-2026-42500 affects decoding in golang.org/x/image/bmp for paletted BMP images. The issue is triggered by decoding a BMP with an out-of-range palette index, causing a panic when accessing pixels in the invalid image. Root cause: palette index validation failure during palette/pixel processing....

Improper Validation of Array Index

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Validation of Array Index through the defaultSandboxPrepareStackTrace function in lib/setup-sandbox.js. An attacker can observe or rewrite...

Security update for xz

This update for xz fixes the following issue CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...

SUSE-SU-2026:2118-1 Security update for xz

This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280...

ROOT-APP-PYPI-CVE-2026-41066 CVE-2026-41066 in rootio-lxml - Patched by Root

Root has patched CVE-2026-41066 in the rootio-lxml package for Root:PyPI. Multiple fixed versions available...

EUVD-2018-21914

MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the logactivity function. Attackers can send POST requests to /index.php/user/logactivity with malicious SQL code in...

OESA-2026-2492 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate buffer length while parsing index indxread is called when we have some NTFS directory operations that need more information from the index...

SUSE CVE-2026-46122

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43rx The firmware-controlled key index in b43rx can exceed the dev-key array size 58 entries. The existing B43WARNON is non-enforcing in production builds, allowing an...

SUSE CVE-2026-46163

In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacyrx can exceed dev-maxnrkeys. The existing B43legacyWARNON is non-enforcing in production builds...

Linux Distros Unpatched Vulnerability : CVE-2026-46163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware- controlled key index in b43legacyrx can exceed...

Linux Distros Unpatched Vulnerability : CVE-2026-46122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: b43: enforce bounds check on firmware key index in b43rx The firmware-controlled key index in b43rx can exceed the dev-key array size 58 entries. The...

openSUSE 16 Security Update : xz (openSUSE-SU-2026:20813-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20813-1 advisory. This update for xz fixes the following issue - CVE-2026-34743: buffer overflow in lzmaindexappend bsc1261280. Tenable has extracted the preceding...

CVE-2026-46122

A flaw was found in the Linux kernel's b43 Wi-Fi driver. A remote attacker could exploit this vulnerability by providing a specially crafted firmware key index that exceeds the allocated array size in the b43rx function. This out-of-bounds read could lead to information disclosure, potentially...

EUVD-2026-25909

Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save...

CVE-2026-9583

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...