JLSEC-2026-380

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

CVE-2026-25210

CVE-2026-25210 affects libexpat prior to 2.7.4, where doContent may miscompute bufSize due to missing integer overflow check during tag buffer reallocation. Multiple connected sources confirm the issue and reference a fix in updated expat releases; remediation is to update to a version including ...

EUVD-2019-5253

Malware in sbrugna...

EUVD-2017-18749

Malware in sbrugna...

EUVD-2017-8591

Malware in sbrugna...

CVE-2020-11169

u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics

Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details CVEID:CVE-2017-12973 DESCRIPTION: Connect2id Nimbus JOSE+JWT could provide...

SUSE: Security Advisory (SUSE-SU-2024:2946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : libqt5-qtbase (SUSE-SU-2024:2946-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2946-1 advisory. - CVE-2023-37369: Fixed a buffer overflow in QXmlStreamReader QTBUG-91889, bsc1214327. - CVE-2023-45935: Fixed NULL pointer...

SUSE-SU-2024:2890-1 Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues: - CVE-2023-51714: Fixed an incorrect integer overflow check bsc1218413. - CVE-2024-39936: Fixed information leakage due to process HTTP2 communication before encrypted can be responded to bsc1227426 - CVE-2023-45935: Fixed NULL pointer...

Oracle Linux 9 : qt5-qtbase (ELSA-2024-2276)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2276 advisory. - Fix CVE-2024-25580: potential buffer overflow when reading KTX images Resolves: RHEL-25726 Tenable has extracted the preceding description block...

FreeBSD : QtNetwork -- potential buffer overflow (e2f981f1-ad9e-11ee-8b55-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e2f981f1-ad9e-11ee-8b55-4ccc6adda413 advisory. - An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qt6-base (SUSE-SU-2024:0063-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0063-1 advisory. - An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x...

CVE-2023-51714

An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...

Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc. CVE-2022-24106 Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

Nimbus JOSE+JWT missing overflow check

In Nimbus JOSE+JWT before 4.39, there is no integer-overflow check when converting length values from bytes to bits, which allows attackers to conduct HMAC bypass attacks by shifting Additional Authenticated Data AAD and ciphertext so that different plaintext is obtained for the same HMAC...

CVE-2019-13995

u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,...

Security Bulletin: Public disclosed vulnerability from Nimbus-JOSE-JWT affects IBM Spectrum LSF

Summary Public disclosed vulnerability from Nimbus-JOSE-JWT affects IBM Spectrum LSF Vulnerability Details CVE-2017-16007 BDSA-2017-0101 Nimbus JOSE+JWT implemented the ECDH-ES encryption option of the 'JSON Web Encryption' standard in a way that is vulnerable to cryptanalysis. This would enable ...

Ubuntu: Security Advisory (USN-3403-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...