54205 matches found
poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication
A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...
UBUNTU-CVE-2026-56403
libexpat before 2.8.2 has an integer overflow in storeAtts...
UBUNTU-CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output...
UBUNTU-CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSyste...
ALSA-2026:27738 Important: libpq security update
The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer...
UBUNTU-CVE-2026-56411
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDe...
ALSA-2026:27741 Important: postgresql security update
PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL: Operating system account hijack via symlink following in pgbasebackup and pgrewind CVE-2026-6475 postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite...
UBUNTU-CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer becau...
UBUNTU-CVE-2026-56404
libexpat before 2.8.2 has an integer overflow in addBinding...
UBUNTU-CVE-2026-56408
libexpat before 2.8.2 has an integer overflow in copyString...
UBUNTU-CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
CVE-2026-56411
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...
CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...
CVE-2026-56408
libexpat before 2.8.2 has an integer overflow in copyString...
CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...
CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
CVE-2026-56404
libexpat before 2.8.2 has an integer overflow in addBinding...
CVE-2026-56403
libexpat before 2.8.2 has an integer overflow in storeAtts...