
54279 matches found

Positive Technologies
added 2026/04/24 12:0 a.m., 8 views

PT-2026-34985

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk verify response In rxgk verify response, there's a potential integer overflow due to rounding up token len before checking it, thereby allowing the length check to be bypassed. Fix this by...

AI score: 5.3, EPSS: 0.00469
Exploits: 0, References: 4
RedHat Linux
added 2026/04/23 4:10 p.m., 11 views

freetype: Information disclosure or denial of service via specially crafted font files

A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or...

CVSS: 5.3, AI score: 7.2, EPSS: 0.00141
Exploits: 0, References: 8
RedHat Linux
added 2026/04/23 4:7 p.m., 8 views

freetype: Information disclosure or denial of service via specially crafted font files

A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or...

CVSS: 5.3, AI score: 7.2, EPSS: 0.00141
Exploits: 0, References: 8
OSV
added 2026/04/23 12:1 p.m., 7 views

RLSA-2026:8863 Important: OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. This package contains libraries and sample applications for handling the format. Security Fixes: openexr: OpenEXR: Arbitrary code execution via integer overflow in...

CVSS: 7.4, AI score: 6.2, EPSS: 0.00164
Exploits: 2, References: 2
Rockylinux
added 2026/04/23 12:1 p.m., 14 views

OpenEXR security update

An update is available for OpenEXR. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenEXR is a high dynamic-range HDR image file format developed by Industrial...

CVSS: 8.4, AI score: 6.3, EPSS: 0.00164
Exploits: 2
Tenable Nessus
added 2026/04/23 12:0 a.m., 4 views

RockyLinux 8 : OpenEXR (RLSA-2026:8863)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:8863 advisory. openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVE-2026-27622 Tenable has extracted the preceding description block direct...

CVSS: 8.4, AI score: 6.3, EPSS: 0.00164
Exploits: 2, References: 3
Tenable Nessus
added 2026/04/23 12:0 a.m., 7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014275)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014275 advisory. jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend and jvpstringcopyreplacebad functions,...

CVSS: 8.2, AI score: 6, EPSS: 0.00484
Exploits: 1, References: 4
Tenable Nessus
added 2026/04/23 12:0 a.m., 9 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gstreamer1-plugins-base (UTSA-2026-014277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014277 advisory. GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected...

CVSS: 7.8, AI score: 8.6, EPSS: 0.00838
Exploits: 0, References: 4
Tenable Nessus
added 2026/04/23 12:0 a.m., 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libtiff (UTSA-2026-014287)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014287 advisory. A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providin...

CVSS: 7.8, AI score: 6, EPSS: 0.00553
Exploits: 0, References: 4
OPENSUSE Linux
added 2026/04/23 12:0 a.m., 4 views

Security update for openexr (important)

openSUSE security update: security update for openexr. Announcement ID: openSUSE-SU-2026:20605-1; Rating: important; References: bsc1261621 bsc1261622 bsc1261624 bsc1261634; Cross-References: CVE-2026-34379 CVE-2026-34380 CVE-2026-34588...

CVSS: 7.1, AI score: 6.4, EPSS: 0.00287
Exploits: 4, References: 4
OSV
added 2026/04/22 8:20 p.m., 6 views

JLSEC-2026-177

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a ?C substring...

CVSS: 5.3, AI score: 5.8, EPSS: 0.04182
Exploits: 0, References: 20
RedhatCVE
added 2026/04/22 7:19 p.m., 5 views

CVE-2026-31491

A flaw was found in the Linux kernel's RDMA/irdma component. A local attacker could exploit an integer overflow and truncation vulnerability when the operating system passes a maximum unsigned 32-bit integer U32MAX for SQ/RQ/SRQ size. This can lead to the system incorrectly reporting a successful...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00121
Exploits: 0, References: 4
OSV
added 2026/04/22 4:23 p.m., 4 views

SUSE-SU-2026:1555-1 Security update for libraw

This update for libraw fixes the following issues: - CVE-2026-5342: out-of-bounds read via LibRaw::nikonloadpaddedpackedraw bsc1261499. - CVE-2026-20884: integer overflow and heap buffer overflow via deflatedngloadraw bsc1261671. - CVE-2026-20889: heap-based buffer overflow in...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00735
Exploits: 7, References: 15
RedHat Linux
added 2026/04/22 3:44 p.m., 12 views

freetype: Information disclosure or denial of service via specially crafted font files

A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or...

CVSS: 5.3, AI score: 7.2, EPSS: 0.00141
Exploits: 0, References: 8
RedHat Linux
added 2026/04/22 3:44 p.m., 11 views

freetype: Information disclosure or denial of service via specially crafted font files

A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or...

CVSS: 5.3, AI score: 7.2, EPSS: 0.00141
Exploits: 0, References: 8
RedhatCVE
added 2026/04/22 2:50 p.m., 7 views

CVE-2026-40244

A flaw was found in OpenEXR, an image storage format library. An integer overflow vulnerability exists when processing specially crafted EXR image files. A local user could exploit this by tricking a victim into opening a malicious EXR file. This flaw could lead to memory corruption, potentially...

CVSS: 8.4, AI score: 6.4, EPSS: 0.0045
Exploits: 0, References: 7
RedHat Linux
added 2026/04/22 1:51 p.m., 6 views

freetype: Information disclosure or denial of service via specially crafted font files

A flaw was found in Freetype. An integer overflow vulnerability exists when processing specially crafted OpenType variable fonts. A local attacker could exploit this by convincing a user to open a malicious font file, which may lead to an out-of-bounds read and potential information disclosure or...

CVSS: 5.3, AI score: 7.2, EPSS: 0.00141
Exploits: 0, References: 8
IBM Security Bulletins
added 2026/04/22 1:45 p.m., 8 views

Security Bulletin: Vulnerabilities in libsoup affects IBM Netezza Appliance

Summary: The libsoup package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVEs: CVE-2025-4945, CVE-2025-11021. Vulnerability Details: CVEID: CVE-2025-4945. DESCRIPTION: A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00594
Exploits: 0, Affected Software: 1
OSV
added 2026/04/22 1:15 p.m., 6 views

JLSEC-2026-175

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write aka heap-based buffer overflow in rasterizeedges8 due to an integer overflow in pixmansamplefloory...

CVSS: 8.8, AI score: 7.4, EPSS: 0.0144
Exploits: 1, References: 16