65149 matches found
CVE-2026-20753
The connected documents confirm a concrete CVE: an integer overflow in the UEFI firmware for the Slim Bootloader. A system software adversary with privileged access and low attack complexity could trigger a local code execution via local access with no user interaction, potentially impacting conf...
CVE-2026-20753
Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...
CLSA-2026-1778602690 Fix CVE(s): CVE-2026-7598
SECURITY UPDATE: fix integer overflow in usernamelen bounds checks across userauthlist, userauthpassword and password change paths in src/userauth.c - debian/patches/CVE-2026-7598.patch: fix integer overflow in usernamelen bounds checks across userauthlist, userauthpassword and password change...
Windows Storage Spaces Controller Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...
Windows DWM Core Library Elevation of Privilege Vulnerability
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Win32k Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...
OPENSUSE-SU-2026:20717-1 Security update for raylib
This update for raylib fixes the following issues: Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900 CVE-2025-15534: Fix integer overflow vulnerability in LoadFontData bsc1256901 - Update to 5.5: NEW raylib...
SUSE-SU-2026:21626-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues: Security issues: - CVE-2023-49441: integer overflow via forwardquery bsc1226091. - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. Non security issue: - Reintroduce nogroup...
BIT-PHP-MIN-2026-7568 Signed integer overflow in metaphone()
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...
BIT-PILLOW-2026-42311 Pillow: OOB Write with Invalid PSD Tile Extents (Integer Overflow)
Pillow is a Python imaging library. From version 10.3.0 to before version 12.2.0, processing a malicious PSD file could lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This issue has been patched in version 12.2.0...
BIT-PILLOW-2026-42308 Pillow: Integer overflow when processing fonts
Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0...
BIT-LIBPHP-2026-7568 Signed integer overflow in metaphone()
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...
SUSE-SU-2026:1816-1 Security update for krb5
This update for krb5 fixes the following issues - CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism bsc1263366. - CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read bsc1263367...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by an integer overflow issue in the ANGLE component. This vulnerability could allow remote attackers to execute out-of-bound memory writes...
PT-2026-40176
Integer overflow or wraparound in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally...
PT-2026-41106
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An integer overflow in Fonts allows a remote attacker to execute arbitrary code within a sandbox by inducing the user to open a specially crafted HTML page. Recommendations Update to...
ROS-20260512-73-0008
A vulnerability in the escapebytestring function of the gio/gfileattribute.c component of the GLib library set is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
PT-2026-40286
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...
PT-2026-40301
In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...