54268 matches found

ATTACKERKB
added 2026/05/09 4:9 a.m., 6 views

CVE-2026-42308

Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceedingly large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...

CVSS 5.1, AI score 5.8, EPSS 0.00114
Exploits 0, References 3, Affected Software 1
SUSE CVE
added 2026/05/09 2:43 a.m., 11 views

SUSE CVE-2026-37540

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

CVSS 9.8, AI score 5.9, EPSS 0.00253
Exploits 0, References 3
NVD
added 2026/05/09 1:16 a.m., 23 views

CVE-2026-6664

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, EPSS 0.00698
Exploits 1, References 1
OSV
added 2026/05/09 1:16 a.m., 4 views

DEBIAN-CVE-2026-6664

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1, References 1
UbuntuCve
added 2026/05/09 1:16 a.m., 8 views

CVE-2026-6664

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1, References 2
OSV
added 2026/05/09 1:16 a.m., 7 views

UBUNTU-CVE-2026-6664

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1, References 3
EUVD
added 2026/05/09 12:43 a.m., 16 views

EUVD-2026-28876

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1, References 1
CVE
added 2026/05/09 12:43 a.m., 29 views

CVE-2026-6664

CVE-2026-6664 affects PgBouncer prior to 1.25.2, where an integer overflow in the network packet parsing code bypasses a boundary check and can crash the process. An unauthenticated remote attacker can crash PgBouncer by sending a malformed SCRAM authentication packet. The issue affects vulnerabl...

CVSS 7.5, AI score 6, EPSS 0.00698
In wild, Exploits 1, References 1, Affected Software 1
Cvelist
added 2026/05/09 12:43 a.m., 61 views

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, EPSS 0.00698
Exploits 1, References 1
Vulnrichment
added 2026/05/09 12:43 a.m., 9 views

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1, References 1
AlpineLinux
added 2026/05/09 12:43 a.m., 12 views

CVE-2026-6664

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1, References 1
Debian CVE
added 2026/05/09 12:43 a.m., 7 views

CVE-2026-6664

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1
OSV
added 2026/05/09 12:2 a.m., 5 views

GHSA-97WC-2HQC-CJGR smallbitvec: Integer overflow in safe API leads to heap buffer overflow

Summary An integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption without requiring unsafe code from the caller. Details The issue originates from...

CVSS 7.3, AI score 6, EPSS 0.00151
Exploits 0, References 3
Github Security Blog
added 2026/05/09 12:2 a.m., 27 views

smallbitvec: Integer overflow in safe API leads to heap buffer overflow

Summary An integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption without requiring unsafe code from the caller. Details The issue originates from...

CVSS 7.3, AI score 6, EPSS 0.00151
Exploits 0, References 3, Affected Software 1
CNNVD
added 2026/05/09 12:0 a.m., 8 views

Pillow input validation error vulnerability

Pillow is an open-source image processing library developed by Pillow. Versions of Pillow prior to 12.2.0 contained a vulnerability related to input validation errors. This vulnerability could lead to integer overflow when the advancement of each character in the font was too large...

CVSS 5.5, AI score 7.2, EPSS 0.00114
Exploits 0, References 1
Positive Technologies
added 2026/05/09 12:0 a.m., 13 views

PT-2026-39309

Name of the Vulnerable Software and Affected Versions smallbitvec affected versions not specified Description An integer overflow occurs during the internal capacity calculation within the buffer lencap function. When the cap variable is close to usize::MAX, unchecked arithmetic causes the value ...

CVSS 7.3, AI score 6, EPSS 0.00151
Exploits 0, References 6
Tenable Nessus
added 2026/05/09 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-6664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote...

CVSS 7.5, AI score 6, EPSS 0.00698
Exploits 1, References 3
Tenable Nessus
added 2026/05/09 12:0 a.m., 6 views

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017375)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017375 advisory. Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. Tenable has extracted the preceding description block directly from the Unity Linux...

CVSS 7.5, AI score 6.8, EPSS 0.03959
Exploits 0, References 4
Tenable Nessus
added 2026/05/09 12:0 a.m., 5 views

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017361 advisory. nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the...

CVSS 8.8, AI score 7.2, EPSS 0.02778
Exploits 0, References 4
Tenable Nessus
added 2026/05/09 12:0 a.m., 6 views

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017358 advisory. defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Uni...

CVSS 9.8, AI score 7.2, EPSS 0.03376
Exploits 0, References 4