CVE-2026-37534
Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer, allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...
PT-2026-36508
Name of the Vulnerable Software and Affected Versions: Open-SAE-J1939 versions prior to commit b6caf884df46435e539b1ecbf92b6c29b345bdfe. Description: An integer underflow exists in the SAE J1939 Read Transport Protocol Data Transfer function. This allows attackers to write to arbitrary memory by usi...
xorg-x11-server security update
An update is available for xorg-x11-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. X.Org is an open-source implementation of the X Window System. It...
xorg-x11-server-Xwayland security update
An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Xwayland is an X server for running X clients under Wayland...
CVE-2026-33845 Gnutls: gnutls: denial of service via dtls zero-length fragment
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...
Integer Underflow (Wrap or Wraparound)
Overview: Affected versions of this package are vulnerable to Integer Underflow (Wrap or Wraparound) via the DTLS handshake parsing process. An attacker can cause an out-of-bounds read and potentially disclose sensitive memory or crash the application by sending specially crafted DTLS handshake...
CLSA-2026-1777569045 libsoup: Fix of CVE-2026-2369
CVE-2026-2369: fix integer underflow in sniffunknown on zero-length buffer that caused an out-of-bounds read in the content sniffer...
SUSE-SU-2026:21436-1 Security update for freerdp
This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...
PT-2026-36149
Name of the Vulnerable Software and Affected Versions: GnuTLS (affected versions not specified). Description: A flaw in DTLS handshake parsing allows malformed fragments with zero length and non-zero offset to cause an integer underflow during reassembly. This leads to an out-of-bounds read, which is...
AlmaLinux 8 : xorg-x11-server-Xwayland (ALSA-2026:11656)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:11656 advisory. xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server:...
AlmaLinux 9 : xorg-x11-server (ALSA-2026:11388)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:11388 advisory. xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server:...
CVE-2026-7423
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without...
CVE-2026-7424 Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...
EUVD-2026-26277
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...
CVE-2026-7424
CVE-2026-7424 describes an integer underflow in the DHCPv6 sub-option parser of FreeRTOS-Plus-TCP. The issue affects FreeRTOS-Plus-TCP versions before V4.4.1 and before V4.2.6, and is triggered when DHCPv6 is enabled. An adjacent network actor can exploit the underflow by sending a crafted DHCPv6...
CVE-2026-7423 Integer Underflow in ICMP Echo Reply Processing in FreeRTOS-Plus-TCP
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without...
CVE-2026-7423
The CVE affects FreeRTOS-Plus-TCP: an integer underflow in ICMP/ICMPv6 echo reply handling prior to V4.4.1 and V4.2.6. Subtracting header sizes from a packet length without validating size enables a heap out-of-bounds read (~65KB), allowing an adjacent attacker to cause a device crash (DoS) when ...
xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...
Xorg: xwayland: x.org x server: denial of service via integer underflow in xkb compatibility map handling
...
FreeRTOS-Plus-TCP numeric error vulnerability
FreeRTOS-Plus-TCP is an extensible, open-source, and thread-safe TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.4.1 and V4.2.6 of FreeRTOS-Plus-TCP contained a numerical error vulnerability. This vulnerability stemmed from integer underflow in the DHCPv6 sub-option parser, whic...