53977 matches found
CLSA-2026-1778895374 Fix CVE(s): CVE-2026-7598
SECURITY UPDATE: Fix integer overflow in userauthpassword usernamelen/passwordlen bounds checks - debian/patches/CVE-2026-7598.patch: Fix integer overflow in userauthpassword usernamelen/passwordlen bounds checks - CVE-2026-7598...
SUSE CVE-2026-42308
Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...
SUSE CVE-2026-44636
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...
SUSE CVE-2026-44637
libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-bounds heap write in sixeldecoderawimpl. context-posx grows by repeatcount on every sixel character wit...
Chromium: CVE-2026-8577 Integer overflow in Fonts
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8573 Integer overflow in Codecs
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8567 Integer overflow in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8559 Integer overflow in Internationalization
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8532 Integer overflow in XML
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-8519 Integer overflow in ANGLE
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium) < 148.0.3967.70 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 148.0.3967.70. It is, therefore, affected by multiple vulnerabilities as referenced in the May 15, 2026 advisory. - Microsoft Edge Chromium-based Remote Code Execution Vulnerability CVE-2026-45495 - Improper input...
openSUSE 16 Security Update : ffmpeg-4 (openSUSE-SU-2026:20726-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20726-1 advisory. Changes in ffmpeg-4: - CVE-2026-40962: Fixed inadequate CENC subsample bounds checks that could lead to an integer overflow bsc1262237. Tenable has...
[SECURITY] [DSA 6277-1] openjpeg2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6277-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2026 https://www.debian.org/security/faq -...
CVE-2026-44673
A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...
CVE-2026-42308
A flaw was found in Pillow, a Python imaging library. If a font advances for each glyph by an exceeding large amount, an integer overflow can occur when Pillow tracks the current position. This could lead to a denial of service DoS condition, making the application unavailable. Mitigation To...
CVE-2026-6664
A flaw was found in PgBouncer. An integer overflow in the network packet parsing code allows an unauthenticated remote attacker to bypass a boundary check by sending a malformed SCRAM authentication packet. This can lead to a crash, resulting in a Denial of Service DoS for the PgBouncer instance...
CVE-2026-43908
A flaw was found in OpenImageIO. A signed 32-bit integer overflow in the ConvertCbYCrYToRGB function can lead to an out-of-bounds write. A remote attacker could exploit this by convincing a user to process a specially crafted image file, resulting in a denial of service DoS due to a process crash...
CVE-2026-43996
A flaw was found in OpenImageIO. An integer overflow vulnerability exists in the TGAInput::decodepixel function's bounds check. This flaw allows a local attacker, by enticing a user to process a specially crafted image file, to cause an out-of-bounds read, leading to a segmentation fault and a...
OESA-2026-2325 lcms2 security update
LittleCMS intends to be an OPEN SOURSE small-footprint color management engine,with special focus on accuracy and performence.It uses the International Color Consortium standard ICC, which is the modern standard when regarding to color management. The ICC specification is widely used and is...
SUSE-SU-2026:21675-1 Security update for tiff
This update for tiff fixes the following issue - CVE-2026-4775: signed integer overflow in the putcontig8bitYCbCr44tile function bsc1260411...