X.Org X Server 数字错误漏洞

X.Org X Server is an X Window system display server developed by the X.Org Foundation. X.Org X Server has a numerical error vulnerability, which stems from integer underflow in the XKB compatibility mapping process. This vulnerability may allow attackers to trigger a buffer overflow, leading to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libexif (UTSA-2026-014285)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014285 advisory. libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten du...

CVE-2026-35330

Integer Underflow When Handling EAP-SIM/AKA Attributes...

CVE-2026-35333

Integer Underflow When Handling RADIUS Attributes...

UBUNTU-CVE-2026-35333

Integer Underflow When Handling RADIUS Attributes...

UBUNTU-CVE-2026-35330

Integer Underflow When Handling EAP-SIM/AKA Attributes...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013816)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013816 advisory. In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is n...

JLSEC-2026-170

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

JLSEC-2026-163

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service schemainit.c serialNumberAndIssuerCheck...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011315 advisory. In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is n...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011039)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011039 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer...

CVE-2026-5720

A flaw was found in miniupnpd. Remote attackers can exploit an integer underflow vulnerability during the parsing of the SOAPAction header by sending a specially crafted malformed header that includes a single quote. This improper length validation can lead to an out-of-bounds memory read,...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the ParseHttpHeaders process. An attacker can cause the application to read memory outside the bounds of the allocated HTTP request buffer by sending a specially crafted SOAPAction header containi...

DEBIAN-CVE-2026-5720

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...

CVE-2026-5720

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...

UBUNTU-CVE-2026-5720

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...

CVE-2026-5720

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...

CVE-2026-5720 miniupnpd Integer Underflow SOAPAction Header Parsing

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...

CVE-2026-5720

The CVE-2026-5720 issue affects the MiniUPnP daemon (miniupnpd). The vulnerability is an integer underflow in SOAPAction header parsing within ParseHttpHeaders(), where improper length validation can cause an underflow to a large unsigned value and an out-of-bounds memchr() read. This can lead to...

CVE-2026-5720

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...