54318 matches found
llama.cpp 输入验证错误漏洞
Llama.cpp is a multimodal model developed by Georgi Gerganov. Previous versions of llama.cpp b7824 contained a vulnerability related to input validation errors. This vulnerability stemmed from an integer overflow in the ggmlnbytes function, which could lead to a heap buffer overflow and remote co...
PT-2026-27309
Name of the Vulnerable Software and Affected Versions ART versions prior to 1.25.12 Description An integer overflow or wraparound issue exists in the ART raw image editor’s rtengine modules, specifically related to the dcraw.C program file. This can potentially lead to unexpected behavior or...
ART 安全漏洞
ART is an open-source cross-platform RAW image processing program developed by ART raw image processor. Versions of ART prior to 1.25.12 contain security vulnerabilities, which stem from integer overflows or circular errors. These vulnerabilities may cause issues with the program file dcraw.C...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...
(lib)tiff -- Integer Overflow or Wraparound
PrymEvol and Quang Luong reports: A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrec...
PT-2026-27317
Name of the Vulnerable Software and Affected Versions InsightSoftwareConsortium ITK versions prior to 2.7.1 Description An integer overflow or wraparound condition exists in the Expat parser within the ITK software. This issue is network-reachable and allows for automatable exploitation. The...
bcrypt-ruby 输入验证错误漏洞
bcrypt-ruby is an open-source secure password hashing tool developed by bcrypt-ruby. Versions of bcrypt-ruby prior to 3.1.22 had a vulnerability related to input validation. This vulnerability stemmed from integer overflow in the JRuby implementation, which led to enhanced circular zero iteration...
PT-2026-27340
Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in several Mozilla products,...
ITK 安全漏洞
ITK is an open-source cross-platform tool suite for scientific image processing and segmentation, developed by the Insight Software Consortium. Versions of ITK prior to 2.7.1 contained security vulnerabilities, which were caused by integer overflow or circularity errors...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the cgltfvalidate function when processing sparse accessors. An attacker can cause out-of-bounds reads and potential memory disclosure by supplying crafted glTF/GLB files with attacker-controlled size...
EUVD-2026-14448
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...
[SECURITY] [DSA 6176-1] strongswan security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6176-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez March 23, 2026 https://www.debian.org/security/faq -...
CVE-2026-32845
Cgltf version 1.15 and earlier contains an integer overflow in cgltf_validate() when validating sparse accessors, enabling heap buffer over-reads of attacker-controlled size values in crafted glTF/GLB inputs. This leads to denial of service crashes and potential memory disclosure via cgltf_calc_i...
CVE-2026-32845 jkuhlmann / cgltf <= 1.15 Sparse Accessor Validation Integer Overflow
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...
CVE-2026-32845 jkuhlmann / cgltf <= 1.15 Sparse Accessor Validation Integer Overflow
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...
CVE-2026-32845
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...
CLSA-2026-1774021165 expat: Fix of CVE-2026-25210
CVE-2026-25210: fix memory corruption via integer overflow in doContent function during tag buffer reallocation...
expat: Fix of CVE-2026-25210
CVE-2026-25210: fix memory corruption via integer overflow in doContent function during tag buffer reallocation...
CLSA-2026-1773925534 expat: Fix of CVE-2026-25210
Fix CVE-2026-25210: integer overflow in doContent tag buffer reallocation...