CVE-2026-30910

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer...

CVE-2026-30909

Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcmencryptafternm and seal functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer. Encountering this...

CVE-2026-30909 Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows

Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcmencryptafternm and seal functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer. Encountering this...

CVE-2026-30909 Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows

Crypt::NaCl::Sodium versions through 2.002 for Perl has potential integer overflows. bin2hex, encrypt, aes256gcmencryptafternm and seal functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer. Encountering this...

CVE-2026-30909

Crypt::NaCl::Sodium for Perl up to version 2.002 is affected by potential integer overflows in bin2hex, encrypt, aes256gcm_encrypt_afternm, and seal, due to output-size checks against SIZE_MAX not being performed. This can lead to integer wraparound and an undersized output buffer, with impact de...

Crypt::NaCl::Sodium 安全漏洞

Crypt::NaCl::Sodium is an encryption/decryption library open source by CPAN authors. Versions of Crypt::NaCl::Sodium 2.002 and earlier contain security vulnerabilities, which stem from integer overflows and may lead to insufficient output buffer size...

PT-2026-23893

Name of the Vulnerable Software and Affected Versions Crypt::NaCl::Sodium versions through 2.002 Description The Crypt::NaCl::Sodium library for Perl versions through 2.002 may experience integer overflows in the bin2hex, encrypt, aes256gcm encrypt afternm, and seal functions. These functions do...

WebP4j 输入验证错误漏洞

WebP4j is a Java library developed by Mr Nanko, designed to support WebP image encoding and animation processing. Versions of WebP4j 1.3.x and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from incorrect handling of the parameter “canvasheight” i...

PT-2026-23916

A vulnerability was identified in MrNanko webp4j up to 1.3.x. The affected element is the function DecodeGifFromMemory of the file src/main/c/gif decoder.c. Such manipulation of the argument canvas height leads to integer overflow. Local access is required to approach this attack. The exploit is...

Crypt::Sodium::XS 安全漏洞

Crypt::Sodium::XS is a Perl encryption library for modern cryptography functions developed by IAMB’s individual developers. Versions of Crypt::Sodium::XS prior to 0.001000 contained security vulnerabilities, which were caused by integer overflows, potentially leading to buffer overflows or crashe...

PT-2026-23906

Name of the Vulnerable Software and Affected Versions Crypt::Sodium::XS versions through 0.001000 Description The Crypt::Sodium::XS Perl module is susceptible to integer overflows in combined aead encryption, combined signature creation, and bin2hex functions. These functions do not verify that t...

Fedora 43 : cef (2026-b5f8adc627)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b5f8adc627 advisory. Bump to cef-145.0.28+g51162e8 + chromium 145.0.7632.159 rhbz2437035 CVE-2026-3536: Integer overflow in ANGLE CVE-2026-3537: Object lifecycle issue i...

OPENSUSE-SU-2026:20332-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 145.0.7632.159 boo1259213 CVE-2026-3536: Integer overflow in ANGLE CVE-2026-3537: Object lifecycle issue in PowerVR CVE-2026-3538: Integer overflow in Skia CVE-2026-3539: Object lifecycle issue in DevTools...

CVE-2026-28497

TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Prior to version 2.03, an integer overflow vulnerability in the string-to-integer conversion routine Val allows an unauthenticated remote attacker to bypass Content-Length restrictions and perform HTTP Request Smuggling. This can le...

Chromium: CVE-2026-3538 Integer overflow in Skia

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-3536 Integer overflow in ANGLE

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE SLES16 Security Update : expat (SUSE-SU-2026:20627-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20627-1 advisory. - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference...

OESA-2026-1530 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

OESA-2026-1529 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

OESA-2026-1527 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...