QEMU calc_image_hostmem Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of QEMU. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu driver. Th...

FreeBSD-SA-26:34.vt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:34.vt Security Advisory The FreeBSD Project Topic: Integer overflow in vt4 CONSHISTORY ioctl Category: core Module: vt Announced: 2026-06-09 Credits: Ed Mast...

ROS-20260609-73-0002

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to integer overflows. Exploiting these vulnerabilities can allow a malicious actor to cause service failures remotely...

PT-2026-48233

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description An integer overflow exists in the calc image hostmem function, which can lead to local privilege escalation. Recommendations At the moment, there is no information about a newer version that...

PT-2026-47981

Name of the Vulnerable Software and Affected Versions Windows Internet wininet.dll versions prior to June 2026 patchday Description An integer overflow or wraparound in the Windows Internet library wininet.dll allows an authorized attacker to elevate privileges locally. This issue occurs within t...

Linux Distros Unpatched Vulnerability : CVE-2026-11659

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...

PT-2026-47920

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...

FreeBSD Security Advisory - FreeBSD-SA-26:34.vt

FreeBSD Security Advisory - The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the...

PT-2026-48258

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition...

CVE-2026-11678

Summary: CVE-2026-11678 is an integer overflow in libyuv used by Google Chrome, fixed in version 149.0.7827.103. The issue could allow a remote attacker who has compromised the renderer process to extract potentially sensitive data from process memory via a crafted HTML page. Affected component: ...

CVE-2026-11678

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-11678

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-11659

Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11659

Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11659

Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11655

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11655

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11655

CVE-2026-11655 is a vulnerability in Google Chrome on macOS caused by an integer overflow in Media handling, prior to build 149.0.7827.103. The flaw could allow a remote attacker who has compromised the renderer process to potentially escape the browser sandbox via a crafted HTML page, with a Chr...

CVE-2026-11640

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

USN-8349-2: rsync regression

USN-8349-1 fixed vulnerabilities in rsync. The update introduced multiple regressions in rsync functionality. This update fixes the problem. Original advisory details: Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with...