53976 matches found
CVE-2026-39824 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number of bytes, it returns a truncated string rather than an error...
CVE-2026-39824 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number of bytes, it returns a truncated string rather than an error...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the NewNTUnicodeString function. An attacker can cause a truncated string rather than an error to be returned by convincing a user to access a filename of excessive length. Remediation Upgrade...
GO-2026-5024 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows
NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString a 16-bit number of bytes, it returns a truncated string rather than an error...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the NewNTUnicodeString function. An attacker can cause a truncated string rather than an error to be returned by convincing a user to access a filename of excessive length. Remediation Upgrade...
CLSA-2026-1779466465 rsync: Fix of CVE-2026-43618
CVE-2026-43618: fix integer overflow in compressed-token decoder allowing remote memory disclosure via crafted compressed stream...
CLSA-2026-1778860714 gimp: Fix of 2 CVEs
CVE-2026-4153: fix heap-based buffer overflow in PSP file parser by computing proper linewidth for bit depths 1 and 4 with small widths - CVE-2026-4154: fix integer overflow and buffer overflow in XPM file parser by adding GIMPMAXIMAGESIZE bounds checks and using gtrynew...
CLSA-2026-1777538340 Update of cpio
Fix integer overflow in dstring.c dsfgetstr that triggers an out-of-bounds heap write...
CLSA-2026-1779455173 Fix CVE(s): CVE-2026-43618
SECURITY UPDATE: integer overflow in compressed-token decoder allows memory disclosure to a malicious sender - debian/patches/CVE-2026-43618.patch: cap rxtoken at MAXTOKENINDEX and add overflow checks in recvcompressedtokennum/run; add CHUNKSIZE bound check in simplerecvtoken; initialize data=NUL...
CVE-2026-43618
A flaw was found in rsync. An authenticated daemon peer can exploit an integer overflow vulnerability in the compressed-token decoder. By carefully manipulating the compressed-token, a malicious sender can trigger an overflow, leading to remote memory disclosure. This allows an attacker to leak...
CLSA-2026-1779438231 rsync: Fix of CVE-2026-43618
CVE-2026-43618: fix integer overflow in compressed-token decoder allowing memory disclosure via crafted compressed stream...
Integer Overflow or Wraparound
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the payload size calculation within the Write process. An attacker can cause the process to enter an infinite loop and exhaust system resources by...
CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...
CVE-2026-39834
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...
EUVD-2026-31400
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...
CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...
SUSE CVE-2026-43618
Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended...
GO-2026-5020 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...
Debian dla-4593 : libopenjp2-7 - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4593 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4593-1 [email protected] https://www.debian.org/lts/security/...
Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016773)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016773 advisory. An issue was discovered in SoX 14.4.2. lsxmakelpf in effectidsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is...