Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from integer overflows during the generation of proof reports, leading to failed buffer copy operations and potentially causing memory corruption...

OpenEXR 安全漏洞

OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions of OpenEXR from 3.4.0 to 3.4.9 contained security vulnerabilities. These vulnerabilities stemmed from the lack of boundary checks on the dataWindow property, which coul...

Security update for osslsigncode (critical)

openSUSE Security Update: Security update for osslsigncode Announcement ID: openSUSE-SU-2026:0115-1 Rating: critical References: 1260680 Cross-References: CVE-2025-70888 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...

Corosync 输入验证错误漏洞

Corosync is an open-source cluster engine developed by The Corosync Cluster Engine. Corosync has a vulnerability in input validation, which stems from integer overflows in the message integrity verification process. This vulnerability may lead to service crashes and denial-of-service attacks...

Tinyproxy 安全漏洞

Tinyproxy is a small, efficient HTTP/SSL proxy daemon developed by Tinyproxy. Versions of Tinyproxy 1.11.3 and earlier contain security vulnerabilities, which stem from integer overflows in the HTTP chunked transmission encoding parser, potentially leading to denial-of-service attacks...

Android ImageMagick 安全漏洞

Android ImageMagick is an image processing library developed by Cherry’s individual developer for the Android platform. Versions of Android ImageMagick prior to 7.1.2-11 contained security vulnerabilities, which were caused by integer overflows or circular errors...

CLSA-2026-1772110471 glib2: Fix of CVE-2025-14087

CVE-2025-14087: Fix integer overflows in GVariant text format parser and escapebytestring...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-15 and 6.9.13-40 contained security vulnerabilities, which were caused by integer overflows in the...

CVE-2025-41726

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...

CVE-2025-41726 Beckhoff: Arbitrary code execution within privileged processes

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes...

swoole-src security vulnerabilities

swoole-src is an open-source PHP concurrency library based on coroutines, developed by the Swoole Project. Versions of swoole-src prior to 6.0.2 contained security vulnerabilities, which were caused by integer overflows or circular errors in the sds.C file...

Glib buffer error vulnerability

Glib is a generic, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, and abstraction for main loops. Glib has a buffer error vulnerability, which stems from integer overflows in the implementation of...

IronOS security vulnerabilities

IronOS is a firmware system developed by Ben V. Brown individually. Versions of IronOS prior to v2.23-rc2 contained security vulnerabilities, which were caused by integer overflows or circular errors...

Modizer security vulnerability

Modizer is an iOS music player developed by yoyofr. Versions of Modizer prior to 4.1.1 contained security vulnerabilities, which were caused by integer overflows or circular errors...

RawTherapee security vulnerabilities

RawTherapee is an open-source photo processing program developed by RawTherapee. Versions of RawTherapee 5.11 and earlier contained security vulnerabilities. These vulnerabilities were caused by integer overflows or circular errors in the image processing engine component dcraw.Cc, which could le...

[SECURITY] [DLA 4449-1] zvbi security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4449-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz January 24, 2026 https://wiki.debian.org/LTS -...

Debian dla-4449 : libzvbi-common - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4449 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4449-1 [email protected]...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21711)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21711 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/rose: prevent integer overflows in...

MiracleLinux 3 : e2fsprogs-1.39-10.1.1AXS3 (AXBA:2008-123:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXBA:2008-123:01 advisory. - Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem...

MiracleLinux 3 : mesa-6.5.1-7.11.0.1.AXS3 (AXSA:2013-539:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-539:01 advisory. Mesa Security issues fixed with this release: CVE-2013-1993 Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow X servers to trigger...