4763 matches found
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
SUSE-SU-2026:1816-1 Security update for krb5
This update for krb5 fixes the following issues: - CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366). - CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367)...
Adobe CAI Content Credentials Numeric Error Vulnerability
Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. Adobe CAI Content Credentials has a numeric error vulnerability, which stems from an integer underflow iss...
PT-2026-40410
Name of the Vulnerable Software and Affected Versions: CAI Content Credentials versions 0.7.0 through 0.78.2. Description: An Integer Underflow (Wrap or Wraparound) issue exists, which occurs when an arithmetic operation results in a value smaller than the minimum representable value for that data typ...
PT-2026-40405
Name of the Vulnerable Software and Affected Versions: CAI Content Credentials versions 0.78.2, 0.7.0 and earlier. Description: An Integer Underflow (Wrap or Wraparound) issue exists where a value decreases below its minimum possible representation, potentially causing the application to crash. This c...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017555)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017555 advisory. An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017550)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017550 advisory. An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of...
SUSE-SU-2026:21618-1 Security update for krb5
This update for krb5 fixes the following issues: - CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366). - CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367)...
SUSE-SU-2026:21629-1 Security update for krb5
This update for krb5 fixes the following issues: - CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366). - CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367)...
OESA-2026-2257 krb5 security update
Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Security Fixes: In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context...
CVE-2026-37459
A flaw was found in FRRouting (FRR). An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP (Border Gateway Protocol) UPDATE message. This issue can lead to a Denial of Service (DoS). Mitigation: Red Hat has investigated whether a possible...
CVE-2026-41509 Integer underflow in crypto_sign_open() leads to buffer overflow
CROSS implementation contains reference and optimized implementations of the CROSS post-quantum signature algorithm. Prior to commit fc6b7e7, there is a buffer overflow in crypto_sign_open() caused by an underflow of the integer mlen. This issue has been patched via commit fc6b7e7...
CVE-2026-41509
The CVE-2026-41509 entry concerns the CROSS implementation of the CROSS post-quantum signature algorithm. A buffer overflow in crypto_sign_open() was caused by an underflow of the length field (mlen) before commit fc6b7e7. This underflow vulnerability could enable an overflow during signature ver...
CLSA-2026-1778240890 gnutls: Fix of CVE-2026-33845
CVE-2026-33845: fix DTLS handshake parsing integer underflow leading to OOB read...
CLSA-2026-1778239503 gnutls: Fix of CVE-2026-33845
CVE-2026-33845: fix DTLS handshake parsing integer underflow leading to OOB read...
BIT-JRE-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended...
BIT-JRE-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the qtdemux_parse_trak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. If this happen...