CVE-2026-8295

An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "stringbuilder::escapeandappend" when processing very large input strings on platforms with limited "sizet" width e.g., 32-bit builds. The overflow can cause insufficient buffer...

PT-2026-41033

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-bounds heap write in sixel decode raw impl. context-pos x grows by repeat count on every sixel characte...

PT-2026-40904

An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "string builder::escape and append" when processing very large input strings on platforms with limited "size t" width e.g., 32-bit builds. The overflow can cause insufficient buffer...

PT-2026-41032

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel encode highcolor's allocation size calculation can lead to a heap buffer overflow. The public sixel encode entry point validates only that width and height are greater...

simdjson 输入验证错误漏洞

Simdjson is an open-source, high-performance JSON parsing library developed by Simdjson. Versions of Simdjson prior to 4.6.4 contained a vulnerability related to input validation errors. This vulnerability stemmed from the stringbuilder::escapeandAppend function, which had an integer overflow whe...

libsixel 安全漏洞

Libsixel is a software package developed by Hayaki Saito, which provides encoding/decoding implementations for DEC SIXEL graphics and other conversion programs. Versions of Libsixel 1.8.7-r1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a signed integer overfl...

libyang 输入验证错误漏洞

LibYang is an open-source YANG data modeling language parser and toolkit developed in C language by CESNET. Versions of LibYang prior to 5.2.15 contained a vulnerability related to input validation errors. This vulnerability stemmed from an integer overflow in the lybreadstring function, which...

Medium: gimp

Issue Overview: A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when...

PT-2026-41102

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An integer overflow in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. Recommendations Update to version 148.0.7778.168 or later...

PT-2026-41096

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An integer overflow in ANGLE on Windows allows a remote attacker to perform an out-of-bounds memory write by inducing the user to open a crafted HTML page. An integer overflow occurs...

Google Chrome < 148.0.7778.167 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 148.0.7778.167. It is, therefore, affected by multiple vulnerabilities as referenced in the 202605stable-channel-update-for-desktop12 advisory. - Use after free in Extensions in Google Chrome on Mac prior to...

CVE-2026-42896

Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

CVE-2026-35415

Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...

CVE-2026-34330

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

CVE-2026-42580

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's chunk size parser silently overflows int, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final...

OPENSUSE-SU-2026:20726-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: Changes in ffmpeg-4: - CVE-2026-40962: Fixed inadequate CENC subsample bounds checks that could lead to an integer overflow bsc1262237...

SUSE CVE-2017-12425

An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the...

vulnerabilities handled in Adobe After Effects

Adobe has identified several vulnerabilities in Adobe After Effects, particularly in versions 26.0, 25.6.4, and earlier versions. These vulnerabilities reside in the way Adobe After Effects processes certain files. There are issues with stack-based buffer overflows, heap-based buffer overflows,...

CLSA-2026-1778247114 libssh2: Fix of CVE-2026-7598

CVE-2026-7598: fix integer overflow in userauthpassword CVE-2026-7598...

jq: Signed-int overflow in `stack_reallocate` (jq VM stack)

...