54409 matches found
CLSA-2026-1772452097 ImageMagick: Fix of 9 CVEs
CVE-2026-25798: fix NULL pointer dereference in ClonePixelCacheRepository - CVE-2026-24481: fix heap information disclosure in PSD handler - CVE-2026-25799: fix division-by-zero in YUV sampling factor validation - CVE-2026-26284: fix out-of-bounds read in PCD Huffman decoder - CVE-2026-25897: fix...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound when decoding malformed MQTT packets, due to improper validation of the Remaining Length. An attacker can cause the broker to misinterpret payloads as multiple MQTT control packets by sending malicious...
Integer Overflow or Wraparound
Overview org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Integer Overflow or Wraparound when decoding malformed MQTT packets, due to improper validation of the Remaining Length. An attacker can cause the...
Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound
Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...
GHSA-C825-6PH3-4H84 Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound
Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...
CVE-2025-66168
WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following for more details: https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt https://vulners.com/cve/CVE-2026-40046 Original Report: Apache ActiveMQ...
Bytes is vulnerable to integer overflow in BytesMut::reserve
...
An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.
...
Integer Overflow Bypasses Memory Safety Checks in H5 Dataset Loading
This report is not public...
Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel
No d...
CVE-2026-0028
In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Apache ActiveMQ 安全漏洞
Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. Versions of Apache ActiveMQ prior to 5.19.2, as well as versions 6.0.0 to 6.1.8 and 6.2.0, have security...
PT-2026-31651
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions 6.0.0 through 6.1.8, 6.2.0, and prior to 5.19.2 Description An integer overflow or wraparound issue exists in Apache ActiveMQ when decoding malformed packets. This occurs due to improper validation of the remaining...
SUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2026:0646-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0646-1 advisory. - CVE-2026-24515: Fixed a null dereference in XMLExternalEntityParserCreate. bsc1257144 - CVE-2026-25210: Fixe...
FreeBSD : Mozilla -- Multiple vulnerabilities (15f4e0f6-1338-11f1-a55d-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 15f4e0f6-1338-11f1-a55d-b42e991fc52e advisory. CVE-2026-2809: Memory safety bug in the JavaScript: WebAssembly component. CVE-2026-2808:...
CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...
CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...
CVE-2026-27622
OpenEXR vulnerability CVE-2026-27622 arises from an integer overflow in CompositeDeepScanLine::readPixels, where per-pixel totals are accumulated into total_sizes and wrapped modulo 2^32, causing derived overall_sample_count to mis-size samples and leading to a heap out-of-bounds write in core un...
CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...
SUSE-SU-2026:20627-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...