BIT-JRE-2025-6021 Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

SUSE CVE-2026-7912

Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-7969

Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-7973

Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of signed integers in bloblen and nummon functions within cephmonmapdecode. This can lead...

ROS-20260508-73-0012

Vulnerability in nss related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260508-73-0017

A vulnerability in the ngxhttpmp4module module of NGINX Open Source web servers is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a signed integer in payloadlen within the cephhandleauthreply function. This vulnerability m...

Grid 输入验证错误漏洞

Grid is a two-dimensional data structure library developed by Armin Becher. In versions 0.17.0 to 1.0.1 of Grid, there was an input validation vulnerability. This vulnerability stemmed from integer overflow in Grid::expandrows, which could disrupt the relationship between the logical dimensions o...

PT-2026-39226

Name of the Vulnerable Software and Affected Versions PgBouncer versions prior to 1.25.2 Description An integer overflow in the network packet parsing code allows an unauthenticated remote attacker to bypass a boundary check. By sending a malformed SCRAM authentication packet, the attacker can...

Oracle Linux 8 : mingw-libtiff (ELSA-2026-14929)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-14929 advisory. 4.0.9-4 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile Resolves: RHEL-159337 Tenable has extracted the preceding description block...

PT-2026-38866

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

PT-2026-38889

An integer overflow in the tt var load item variation store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...

mingw-libtiff security update

4.0.9-4 - fix CVE-2026-4775: signed integer overflow in putcontig8bitYCbCr44tile Resolves: RHEL-159337...

JLSEC-2026-489 A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service ...

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...

JLSEC-2026-479

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

Security Bulletin: IBM MQ Appliance is affected by an integer overflow (CVE-2022-50865)

Summary IBM MQ Appliance has addressed an integer overflow. Vulnerability Details CVEID:CVE-2022-50865 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog The type of skrcvbuf and sksndbuf in struct sock is int,...

JLSEC-2026-470 An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows...

An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality,...

JLSEC-2026-475

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges...

JLSEC-2026-469 An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM)...

An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are...