54291 matches found

Debian CVE
added 2026/04/10 5:06 a.m. | 3 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if (cmac->totalSz != 0) to skip XOR-chaining on the first block (where digest is all-zeros and the XOR is a no-op). However, totalSz is word32 and wrap...

CVSS 8.2 | AI score 5.3 | EPSS 0.0042
Exploits: 0

CVE
added 2026/04/10 5:06 a.m. | 31 views

CVE-2026-5477

The CVE-2026-5477 issue concerns wolfCrypt CMAC: an integer overflow in wc_CmacUpdate caused by a guard that skips XOR-chaining on the first block when cmac->totalSz != 0. totalSz is a 32-bit value and wraps to zero after 2^28 blocks (4 GiB), which can discard the live CBC-MAC chain state. Thi...

CVSS 8.2 | AI score 5.9 | EPSS 0.0042
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2026/04/10 12:00 a.m. | 4 views

wolfSSL (CyaSSL) Security Vulnerability

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. wolfSSL CyaSSL has security vulnerabilities; these vulnerabilities stem from integer overflows in the wolfCrypt CMAC implementatio...

CVSS 8.2 | AI score 5.8 | EPSS 0.0042
Exploits: 0 | References: 1

Positive Technologies
added 2026/04/10 12:00 a.m. | 4 views

PT-2026-31909

Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the f_mass_storage gadget driver. The check_command_size_in_blocks function does not validate for integer overflows when calculating data size in byte...

CVSS 5.5 | AI score 5.8 | EPSS 0.0017
Exploits: 0 | References: 20

OpenVAS
added 2026/04/10 12:00 a.m. | 3 views

Fedora: Security Advisory (FEDORA-2026-840b40ef4c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.7 | AI score 5.8 | EPSS 0.00118
Exploits: 1 | References: 2

CNVD
added 2026/04/10 12:00 a.m. | 3 views

Google Chrome ANGLE Component Integer Overflow Vulnerability

Google Chrome is a web browser from Google, an American company. An integer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a failure of the ANGLE component to properly validate the length size of input data, which can be exploited ...

CVSS 7.5 | AI score 5.8 | EPSS 0.00255
Exploits: 0

Tenable Nessus
added 2026/04/10 12:00 a.m. | 2 views

Unity Linux 20.1070e Security Update: vsftpd (UTSA-2026-007077)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007077 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote,...

CVSS 6.5 | AI score 5.8 | EPSS 0.00737
Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/10 12:00 a.m. | 1 view

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-007088)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007088 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB...

CVSS 8.1 | AI score 5.9 | EPSS 0.00243
Exploits: 0 | References: 4

CNNVD
added 2026/04/10 12:00 a.m. | 6 views

Linux kernel Security Vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an integer overflow issue in the check_command_size_in_blocks function, which may lead to memory corruption ...

CVSS 5.5 | AI score 5.9 | EPSS 0.0017
Exploits: 0 | References: 6

Tenable Nessus
added 2026/04/10 12:00 a.m. | 1 view

FreeBSD : Mozilla -- Incorrect boundary conditions, integer overflow (30522580-33fb-11f1-8ac1-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 30522580-33fb-11f1-8ac1-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2017867 reports: Incorrect boundary conditions, integer...

CVSS 8.8 | AI score 5.9 | EPSS 0.00265
Exploits: 0 | References: 3

Tenable Nessus
added 2026/04/10 12:00 a.m. | 1 view

OCaml <= 4.14.3 Integer Overflow Information Disclosure (CVE-2026-34353)

The version of OCaml installed on the remote host is prior to or equal to 4.14.3. It is, therefore, affected by an information disclosure vulnerability: - An integer overflow in Bigarray.reshape allows reading of arbitrary memory when untrusted data is processed. (CVE-2026-34353) Note that Nessus h...

CVSS 5.9 | AI score 6 | EPSS 0.00114
Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/10 12:00 a.m. | 4 views

Unity Linux 20.1070a Security Update: vsftpd (UTSA-2026-007108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007108 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote,...

CVSS 6.5 | AI score 5.8 | EPSS 0.00737
Exploits: 0 | References: 4

Tenable Nessus
added 2026/04/10 12:00 a.m. | 15 views

Microsoft Edge (Chromium) < 147.0.3912.60 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 147.0.3912.60. It is, therefore, affected by multiple vulnerabilities as referenced in the April 10, 2026 advisory. - Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who...

CVSS 9.8 | AI score 7.7 | EPSS 0.00608
Exploits: 0 | References: 125

SUSE CVE
added 2026/04/09 11:29 p.m. | 3 views

SUSE CVE-2026-5908

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

CVSS 8.8 | AI score 7.4 | EPSS 0.00195
Exploits: 0 | References: 3

SUSE CVE
added 2026/04/09 11:29 p.m. | 8 views

SUSE CVE-2026-5909

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

CVSS 8.8 | AI score 7.4 | EPSS 0.00195
Exploits: 0 | References: 3

RedhatCVE
added 2026/04/09 10:37 p.m. | 3 views

CVE-2026-5859

An integer overflow flaw was found in the WebML component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=494158331...

CVSS 9.6 | AI score 5.9 | EPSS 0.00351
Exploits: 0 | References: 5

EUVD
added 2026/04/09 6:31 p.m. | 2 views

EUVD-2026-20956

Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT. The fix for "CVE-2025-66168: MQTT control packet remaining length field is not properly validated" was only applied to 5.19.2 and future 5.19.x releases but was missed for all 6.0.0+...

CVSS 8.8 | AI score 5.8 | EPSS 0.0078
Exploits: 0 | References: 4

OSV
added 2026/04/09 6:31 p.m. | 0 views

GHSA-XVQC-PP94-FMPX Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT vulnerable to Integer Overflow or Wraparound

Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT. The fix for "CVE-2025-66168: MQTT control packet remaining length field is not properly validated" was only applied to 5.19.2 and future 5.19.x releases but was missed for all 6.0.0+...

CVSS 5.4 | AI score 5.8 | EPSS 0.0078
Exploits: 0 | References: 4

Github Security Blog
added 2026/04/09 6:31 p.m. | 6 views

Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT vulnerable to Integer Overflow or Wraparound

Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT. The fix for "CVE-2025-66168: MQTT control packet remaining length field is not properly validated" was only applied to 5.19.2 and future 5.19.x releases but was missed for all 6.0.0+...

CVSS 8.8 | AI score 5.8 | EPSS 0.0078
Exploits: 0 | References: 5 | Affected Software: 3

OSV
added 2026/04/09 5:17 p.m. | 3 views

SUSE-SU-2026:21157-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.9.1 ESR bsc1261663. - MFSA 2026-27: CVE-2026-5731: memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2...

CVSS 9.8 | AI score 5.8 | EPSS 0.00337
Exploits: 0 | References: 5