32 matches found
CVE-2026-34155 RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB
RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...
EUVD-2021-16084
Malware in sbrugna...
EUVD-2021-19459
Malware in sbrugna...
EUVD-2021-9697
Malicious code in bioql PyPI...
CVE-2023-53524
CVE-2023-53524 involves an integer overflow in the Linux kernel’s iwl_write_to_user_buf() used by iwl_dbgfs_monitor_data_read() in iwlwifi PCIe. The bug computes buf_size_left from count and *bytes_copied, then reduces it and may pass a negative value to copy_to_user, causing a heap overflow. It ...
Linux Distros Unpatched Vulnerability : CVE-2024-58010
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binfmt_flat: Fix integer overflow bug on 32 bit systems Most of these sizes and counts are capped at 256MB so the math doesn't result in an integer overflow. Th...
SUSE SLES15 / openSUSE 15 Security Update : redis (SUSE-SU-2024:3575-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3575-1 advisory. - CVE-2024-31228: Fixed unbounded recursive pattern matching bsc#1231265 - CVE-2024-31449: Fixed integer overflow bug ...
SUSE-SU-2024:3549-1 Security update for redis7
This update for redis7 fixes the following issues: - CVE-2024-31227: Fixed parsing issue leading to denial of service bsc#1231266 - CVE-2024-31228: Fixed unbounded recursive pattern matching bsc#1231265 - CVE-2024-31449: Fixed integer overflow bug in Lua bit_tohex bsc#1231264...
BIT-VALKEY-2021-41099 Integer overflow issue with strings in Redis
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len...
CVE-2021-22556
The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond...
CVE-2022-21729 Overflow and uncaught divide by zero in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. The implementation of UnravelIndex is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlo...
Integer overflow
From version 0.2.14 to 0.2.16 for Solana rBPF, function "relocate" in the file src/elf.rs has an integer overflow bug because the sym.st_value is read directly from ELF file without checking. If the sym.st_value is rather large, an integer overflow is triggered while calculating the variable "addr"...
SUSE-SU-2021:2294-1 Security update for redis
This update for redis fixes the following issues: - Upgrade to 6.0.14 - CVE-2021-32625: An integer overflow bug could be exploited by using the STRALGO LCS command to cause remote code execution bsc#1186722 - Fix crash in UNLINK on a stream key with deleted consumer groups - SINTERSTORE: Ad...
Moderate: lz4 security update
The lz4 packages provide support for LZ4, a very fast, lossless compression algorithm that provides compression speeds of 400 MB/s per core and scales with multicore CPUs. It also features an extremely fast decoder that reaches speeds of multiple GB/s per core and typically reaches RAM speed limi...
OPENSUSE-SU-2021:0841-1 Security update for redis
This update for redis fixes the following issues: redis was updated to 6.0.14: CVE-2021-32625: An integer overflow bug could be exploited by using the STRALGO LCS command to cause remote code execution boo#1186722 Fix crash in UNLINK on a stream key with deleted consumer groups SINTERSTORE:...
SUSE SLED15 / SLES15 Security Update : lz4 (SUSE-SU-2021:1825-1)
This update for lz4 fixes the following issues : CVE-2021-3520: Fixed memory corruption due to an integer overflow bug caused by memmove argument bsc#1185438. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
CVE-2021-29477
Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result with remote code execution. The...
UBUNTU-CVE-2020-11523
libfreerdp/gdi/region.c in FreeRDP versions 1.0 through 2.0.0-rc4 has an Integer Overflow...
Integer overflow
An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 cameras. An attacker on the same local network as the camera can craft a message with a size field larger than 0x80000000 and send it to the camera, related to an integer overflow or use of a negative number...
CVE-2017-1000229
Integer overflow bug in function minitiff_read_info of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service...