544 matches found
Off-by-one Error
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error in CastDoubleToInt calculations. An attacker can cause the application to crash or become unresponsive by supplying a malicious SVG file. Remediation A fix was pushed into the master branch but not yet published...
CVE-2026-25794
ImageMagick is free and open-source software used for editing and manipulating digital images. WriteUHDRImage in coders/uhdr.c uses int arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-bit int, causing an...
CVE-2026-23118
A data race flaw was found in the Linux kernel's RxRPC protocol implementation. The lasttxat field is accessed without proper synchronization between rxrpcpeerkeepaliveworker and rxrpcsenddatapacket. Additionally, on 32-bit architectures, the 64-bit lasttxat value can experience load/store tearin...
CVE-2026-23149 drm: Do not allow userspace to trigger kernel warnings in drm_gem_change_handle_ioctl()
In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...
CVE-2026-23149
In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...
CVE-2026-23149
Summary: CVE-2026-23149 affects the Linux kernel DRM subsystem, specifically drm_gem_change_handle_ioctl(). The vulnerability arises because GEM buffer object handles are u32 in the user API while internal idr_alloc() uses int ranges, causing a kernel warning (WARN_ON_ONCE) when a handle larger t...
CLSA-2026-1770741856 Fix CVE(s): CVE-2026-0861
SECURITY UPDATE: reinstate alignment overflow - debian/patches/CVE-2026-0861.patch: Fix alignment overflow check regression in intmemalign caused by the PTRDIFFMAX size cap change - CVE-2026-0861...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.1) +44 more potentially affected by CVE-2024-5986 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.1)
ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2024-5986 Source advisory: OSV:GHSA-WJ3H-WX8G-X699...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/mediatek: Fixed a coverage issue related to unintentional integer overflows. 1. Instead of multiplying two variables of different types, change the approach to assigning a value to one variable and then multiplying the oth...
MiracleLinux 7 : kernel-3.10.0-1160.36.2.el7 (AXSA:2021-2250:14)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2250:14 advisory. kernel: sizet-to-int conversion vulnerability in the filesystem layer CVE-2021-33909 kernel: use-after-free in net/bluetooth/hcievent.c when...
MiracleLinux 9 : galera-26.4.11-1.el9, mariadb-10.5.16-2.el9, mysql-selinux-1.0.5-1.el9 (AXSA:2022-4045:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4045:01 advisory. mariadb: MariaDB through 10.5.9 allows attackers to trigger a convertconsttoint use-after-free when the BIGINT data type is used CVE-2021-46669...
MiracleLinux 8 : firefox-115.9.1-1.el8.ML.1 (AXSA:2024-7652:13)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7652:13 advisory. nss: timing attack against RSA decryption CVE-2023-5388 Mozilla: Crash in NSS TLS method CVE-2024-0743 Mozilla: JIT code failed to save return...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001092)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001092 advisory. The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating ...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002878)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002878 advisory. The killsomethinginfo function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to...
UBUNTU-CVE-2025-71085
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...
K000159060: Linux kernel vulnerability CVE-2024-56615
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the...
PT-2026-8144
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where userspace can trigger kernel warnings within the drm gem change handle ioctl function. This occurs because GEM buffer object handles are represent...
CVE-2023-53999
A flaw was found in the Linux kernel. This memory leak vulnerability occurs when a flow rule, forwarding packets from an internal port over a tunnel, is split and extra post-action rules are added. The intport object's reference count is incremented but never decremented, leading to the object no...
SUSE CVE-2023-53999
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra postact rules are added to postact table. It's possible to trigger memleak when the rule forwards packets from internal port and over tunnel...