CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...

kernel: nbd: fix incomplete validation of ioctl arg

A flaw has been found in the Linux kernel’s NBD drivers.The issue stems from incomplete validation of IOCTL arguments passed to the NBD driver. Specifically, oversized or unchecked arguments may lead to a signed integer overflow in blockwritefullpage and misuse of argument values cast to int in...

CVE-2025-71085

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...

CVE-2025-71085

The CVE-2025-71085 issue is a Linux kernel vulnerability: an oops/BUG_ON occurs in skb handling within calipso_skbuff_setattr() when headroom grows beyond INT_MAX, due to an implicit cast in __skb_cow() and a delta calculation that can become negative. The root cause is an integer overflow path t...

EUVD-2021-2178

Malware in sbrugna...

EUVD-2007-3953

Malware in sbrugna...

EUVD-2014-9439

Malware in sbrugna...

SUSE CVE-2023-53513

In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg without verification. The UBSAN warning calltrace like below: UBSAN: Undefined behaviour in fs/buffer.c:1709:35 signed integer...

SQL Injection

propel/propel1 is vulnerable to SQL Injection. The vulnerability is due to a lack of implicit integer cast of the limit input, which allows an attacker to execute malicious SQL...

SUSE CVE-2021-41202

TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the tf.range kernel, there is a conditional statement of type int64 = condition ? int64 : double. Due to C++ implicit conversion rules, both branches of the condition...

GHSA-89RJ-5GGJ-3P9P Reachable Assertion in OpenCV.

In OpenCV 3.3.1 corresponds with OpenCV-Python 3.3.1.11, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast...

Reachable Assertion in OpenCV.

In OpenCV 3.3.1 corresponds with OpenCV-Python 3.3.1.11, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast...

CVE-2014-9627

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large bo...

CVE-2014-9627

The CVE-2014-9627 issue affects VLC’s MP4 demuxer (modules/demux/mp4/libmp4.c): the MP4_ReadBox_String path casts a 64‑bit box length to 32‑bit, enabling a large box size that can lead to denial of service or potentially other impact. Affected product/version: VideoLAN VLC media player prior to 2...

CVE-2014-9627

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large bo...

Security update for opencv (important)

This update for opencv fixes the following issues: - CVE-2018-5268: Fixed a heap-based buffer overflow in incv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmtjpeg2000.cppwhen parsing a crafted image file. boo1075017 - CVE-2017-17760: Fixed an buffer overflow in function...

[SECURITY] [DLA 1354-1] opencv security update

Package : opencv Version : 2.3.1-11+deb7u4 CVE ID : CVE-2018-5268 CVE-2018-5269 Debian Bug : 886674 886675 Two vulnerabilities were found in OpenCV, the "Open Computer Vision Library". CVE-2018-5268 In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in...

CVE-2018-5269

In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast...

Denial Of Service (DoS) Through Assertion Failure

OpenCV is vulnerable to denial of service DoS through assertion failures. The vulnerability exists due to an incorrect integer cast which causes an assertion failure in cv::RBaseStream::setPost...