12 matches found

NVD
added 5 days ago, 3 views

CVE-2026-53036

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix off-by-one in check_imm signed range check. check_imm(bits, imm) is used in the arm64 BPF JIT to verify that a branch displacement in arm64 instruction units fits into the signed N-bit immediate field of a B, B.cond or...

7.8 CVSS, 0.00138 EPSS
Exploits 0, References 6

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in imagemagick

In ImageMagick, there is a value of the type 'unsigned int' that is outside the representable range in MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...

4.3 CVSS, 6.5 AI score, 0.01362 EPSS
Exploits 0, References 2

Tenable Nessus
added 2026/01/20 12:0 a.m., 6 views

MiracleLinux 9 : java-17-openjdk-17.0.13.0.11-3.el9.ML.1 (AXSA:2024-8936:15)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8936:15 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...

7.1 CVSS, 7.9 AI score, 0.01157 EPSS
Exploits 1, References 6

Packet Storm News
added 2025/01/27 12:0 a.m., 1 views

A Pwn2Own SpiderMonkey JIT Bug

A Pwn2Own SpiderMonkey JIT Bug: From Integer Range Inconsistency to Bound Check Elimination then RCE. This repository contains proof of concept, exploit, and analysis slide for CVE-2024-29943...

9.8 CVSS, 7 AI score, 0.22935 EPSS
Exploits 2

OSV
added 2024/11/13 6:44 p.m., 3 views

CLSA-2024-1731523487 Fix of 5 CVEs

SECURITY UPDATE: Improper type casting in calculation in palm.c could lead to undefined behavior in processing input file - debian/patches/CVE-2020-27761.patch: fix color calculation issue that caused incorrect output when writing PALM images - CVE-2020-27761 SECURITY UPDATE: Negative Quantum val...

4.3 CVSS, 6.7 AI score, 0.01362 EPSS
Exploits 3, References 1

SUSE CVE
added 2023/02/15 5:30 a.m., 4 views

SUSE CVE-2014-1721

Google V8, as used in Google Chrome before 34.0.1847.116, does not properly implement lazy deoptimization, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by improper handling of a...

7.5 CVSS, 9.6 AI score, 0.01557 EPSS
Exploits 1, References 3

SUSE CVE
added 2023/02/15 3:52 a.m., 3 views

SUSE CVE-2020-27768

In ImageMagick, there is a value outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...

5.3 CVSS, 6.7 AI score, 0.01362 EPSS
Exploits 0, References 9

OSV
added 2022/05/24 7:20 p.m., 22 views

GHSA-XX36-6RV4-GJ8R ecdsa-elixir fails to check signatures, vulnerable to message forging

Summary Stark Bank is a financial technology company that provides services to simplify and automate digital banking, by providing APIs to perform operations such as payments and transfers. In addition, Stark Bank maintains a number of cryptographic libraries to perform cryptographic signing and...

9.8 CVSS, 9.5 AI score, 0.01022 EPSS
Exploits 1, References 6

Github Security Blog
added 2021/08/25 8:43 p.m., 30 views

Improper Input Validation in cookie

Affected versions of this crate use the time crate and the method Duration::seconds to parse the Max-Age duration cookie setting. This method will panic if the value is greater than 2^64/1000 and less than or equal to 2^64, which can result in denial of service for a client or server. This flaw w...

7.5 CVSS, 7.1 AI score, 0.01485 EPSS
Exploits 0, References 5, Affected Software 1

OSV
added 2021/02/23 4:15 a.m., 2 views

DEBIAN-CVE-2020-27768

In ImageMagick, there is a value outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...

3.3 CVSS, 6.4 AI score, 0.01362 EPSS
Exploits 0, References 1

OSV
added 2017/05/06 12:0 p.m., 42 views

RUSTSEC-2017-0005 Large cookie Max-Age values can cause a denial of service

Affected versions of this crate use the time crate and the method Duration::seconds to parse the Max-Age duration cookie setting. This method will panic if the value is greater than 2^64/1000 and less than or equal to 2^64, which can result in denial of service for a client or server. This flaw w...

7.5 CVSS, 7.3 AI score, 0.01485 EPSS
Exploits 0, References 3

RustSec
added 2017/05/06 12:0 p.m., 25 views

Large cookie Max-Age values can cause a denial of service

Affected versions of this crate use the time crate and the method Duration::seconds to parse the Max-Age duration cookie setting. This method will panic if the value is greater than 2^64/1000 and less than or equal to 2^64, which can result in denial of service for a client or server. This flaw w...

7.5 CVSS, 4.1 AI score, 0.01485 EPSS
Exploits 0, Affected Software 1