54321 matches found

OSV
added 2026/03/19 1:20 p.m., 8 views

CLSA-2026-1773926416 expat: Fix of CVE-2026-25210

CVE-2026-25210: fix integer overflow in tag buffer reallocation in doContent function...

CVSS 7.8, AI score 6, EPSS 0.00193
Exploits 0, References 1

OSV
added 2026/03/19 12:51 p.m., 5 views

CLSA-2026-1773924658 expat: Fix of CVE-2026-25210

Fix CVE-2026-25210: integer overflow in doContent tag buffer reallocation...

CVSS 7.8, AI score 7.5, EPSS 0.00193
Exploits 0, References 1

OSV
added 2026/03/19 12:47 p.m., 6 views

CLSA-2026-1773924425 expat: Fix of CVE-2026-25210

Fix CVE-2026-25210: integer overflow in doContent tag buffer reallocation...

CVSS 7.8, AI score 7.4, EPSS 0.00193
Exploits 0, References 1

OSV
added 2026/03/19 12:20 p.m., 1 views

SUSE-SU-2026:20794-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to version 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670). - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619). Changelog: Update to version 3.51.3: Fix the...

CVSS 7.5, AI score 6, EPSS 0.00322
Exploits 1, References 5

Zero Day Initiative
added 2026/03/19 12:0 a.m., 5 views

GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPM files. The...

CVSS 7.8, AI score 6.2, EPSS 0.00477
Exploits 0, References 1

Zero Day Initiative
added 2026/03/19 12:0 a.m., 7 views

GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ANI files. The...

CVSS 7.8, AI score 6.2, EPSS 0.00592
Exploits 0, References 1

CNNVD
added 2026/03/19 12:0 a.m., 6 views

wolfSSL Security Vulnerability

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the US company wolfSSL, designed for developers working with embedded systems. There is a security vulnerability in wolfSSL, which stems from integer overflow in the static function wolfssl_add_to_chain. This...

CVSS 5.5, AI score 5.8, EPSS 0.00064
Exploits 0, References 1

Redos
added 2026/03/19 12:0 a.m., 4 views

ROS-20260319-73-0020

A vulnerability in the yuv2ya16_X_c_template function of the libswscale/output.c component of the FFmpeg multimedia library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 7.5, AI score 5.9, EPSS 0.0032
Exploits 0

Positive Technologies
added 2026/03/19 12:0 a.m., 3 views

PT-2026-26365

Name of the Vulnerable Software and Affected Versions: wolfssl affected versions not specified. Description: An integer overflow issue was identified in the wolfssl add to chain function, leading to heap corruption when certificate data exceeded the bounds of the certificate buffer. The function is...

CVSS 5.5, AI score 5.4, EPSS 0.00064
Exploits 0, References 9

Amazon
added 2026/03/19 12:0 a.m., 11 views

Important: exiv2

Issue Overview: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

CVSS 8.1, AI score 5.7, EPSS 0.00367
Exploits 1

Tenable Nessus
added 2026/03/19 12:0 a.m., 4 views

Amazon Linux 2 : exiv2, --advisory ALAS2-2026-3201 (ALAS-2026-3201)

The version of exiv2 installed on the remote host is prior to 0.27.0-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3201 advisory. Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata...

CVSS 8.1, AI score 5.8, EPSS 0.00367
Exploits 1, References 8

RubySec
added 2026/03/19 12:0 a.m., 8 views

bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby

Impact: An integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. The JRuby implementation of bcrypt-ruby BCrypt.java computes the key-strengthening round count as a...

CVSS 7.5, AI score 5.8, EPSS 0.00228
Exploits 0, References 1, Affected Software 1

RedhatCVE
added 2026/03/18 9:39 p.m., 4 views

CVE-2026-31970

A flaw was found in HTSlib, a library used for handling bioinformatics file formats. A remote attacker could exploit an integer overflow vulnerability when a user opens a specially crafted GZI GZIP Index file. Exploiting this bug causes a heap buffer overflow. If a user opens a file crafted to...

CVSS 8.1, AI score 6.2, EPSS 0.00451
Exploits 0, References 2

Debian
added 2026/03/18 9:37 p.m., 5 views

[SECURITY] [DSA 6168-1] freetype security update

Debian Security Advisory DSA-6168-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 18, 2026 https://www.debian.org/security/faq ...

CVSS 5.3, AI score 5.8, EPSS 0.00141
Exploits 0

CVE
added 2026/03/18 7:53 p.m., 9 views

CVE-2026-31970

Summary: HTSlib’s GZI index loading path (bgzf_index_load_hfile) may overflow a heap buffer due to an integer overflow, causing a heap buffer overflow. This can crash the application, corrupt data, or potentially allow arbitrary code execution when a crafted GZI file is opened. Affected component...

CVSS 8.1, AI score 6.4, EPSS 0.00451
Exploits 0, References 3, Affected Software 1

Github Security Blog
added 2026/03/18 1:1 p.m., 6 views

UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

Summary: ujson.dumps crashes the Python interpreter (segmentation fault) when the product of the indent parameter and the nested depth of the input exceeds INT32_MAX. It can also get stuck in an infinite loop if the indent is a large negative number. Both are caused by an integer overflow/underflow...

CVSS 7.5, AI score 6, EPSS 0.00411
Exploits 1, References 5, Affected Software 1

Snyk
added 2026/03/18 1:1 p.m., 4 views

Integer Overflow or Wraparound

Overview: ujson is an Ultra fast JSON encoder and decoder for Python. Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the indent parameter in the dumps, dump, or encode functions. An attacker can cause a crash or infinite loop by supplying large or negative...

CVSS 8.2, AI score 5.8, EPSS 0.00411
Exploits 1, References 2

OSV
added 2026/03/18 10:57 a.m., 7 views

CLSA-2026-1773831456 openexr: Fix of CVE-2026-27622

CVE-2026-27622: fix integer overflow in CompositeDeepScanLine leading to heap buffer overflow...

CVSS 8.4, AI score 7.3, EPSS 0.00164
Exploits 2, References 1

Rockylinux
added 2026/03/18 6:4 a.m., 4 views

pixman security update

An update is available for pixman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Pixman is a pixel manipulation library for the X Window System and Cairo...

CVSS 8.8, AI score 5.8, EPSS 0.0144
Exploits 1

OSV
added 2026/03/18 6:4 a.m., 8 views

RLSA-2023:7754 Moderate: pixman security update

Pixman is a pixel manipulation library for the X Window System and Cairo. Security Fixes: pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write (CVE-2022-44638). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

CVSS 7, AI score 5.8, EPSS 0.0144
Exploits 1, References 2