65166 matches found
CVE-2026-37459
An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...
PT-2026-37200
Name of the Vulnerable Software and Affected Versions Pillow versions 10.3.0 through 12.1.x Description Processing a malicious PSD file can lead to memory corruption, potentially resulting in a crash or arbitrary code execution. This occurs because bounds checks for tile extents in PSD image...
Astra Linux - уязвимость в chromium
Integer underflow in WebUI of Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. Chromium security severity: High...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: svcrdma: Address an integer overflow Dan Carpenter reports: Commit 78147ca8b4a9 "svcrdma: Add a “parsed chunk list” data structure" from Jun 22, 2020 linux-next, leads to the following Smatch static checker warning:...
Astra Linux - уязвимость в firefox, thunderbird
In the nsTArrayImpl::ReplaceElementsAt function, an integer overflow could occur when the number of elements to be replaced is too large for the container. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...
Astra Linux - уязвимость в vlc
Videolan VLC prior to version 3.0.20 contains an integer underflow issue that can lead to incorrect packet lengths being displayed...
Astra Linux - уязвимость в binutils
A issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. The simpleobjectelfmatch function in simple-object-elf.c does not check for a zero value of shstrndx, resulting in an integer overflow and a heap-based buffer overflow...
Astra Linux - уязвимость в firefox
There was an integer overflow issue in the OrderedHashTable used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4...
Astra Linux - уязвимость в zvbi
A critical vulnerability was discovered in libzvbi up to version 0.2.43. This vulnerability affects the vbisearchnew function in the src/search.c file. Manipulation of the patlen argument leads to integer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public...
Astra Linux - уязвимость в openexr
A flaw was discovered in OpenEXR’s hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file processed by OpenEXR to trigger an integer overflow. The greatest threat of this vulnerability is to system availability...
Astra Linux - уязвимость в exiv2
In Exiv2 through 0.27.1, a vulnerability in CiffDirectory::readDirectory allows for integer overflow and out-of-bounds reads. This vulnerability enables an attacker to cause a denial of service SIGSEGV by using a crafted CRW image file...
Astra Linux - уязвимость в openldap
An integer underflow was discovered in OpenLDAP before version 2.4.57, which led to slapd crashes during the Certificate Exact Assertion processing, resulting in a denial of service schemainit.c serialNumberAndIssuerCheck...
Astra Linux - уязвимость в linux-5.15, linux, linux-5.10
An integer overflow or wrap-around vulnerability exists in the OpenEuler kernel on Linux file system modules, allowing for forced integer overflow. This issue affects the OpenEuler kernel, starting from version 4.19.90, up to and including version 4.19.90-2401.3, as well as versions 5.10.0-60.18....
Astra Linux - уязвимость в strongswan
In the eap-mschapv2 plugin client-side in strongSwan, prior to version 6.0.3, a malicious EAP-MSCHAPv2 server could send a crafted message with a size of 6 to 8 bytes, causing an integer underflow, which could potentially lead to a heap-based buffer overflow...
Astra Linux - уязвимость в libsoup2.4
A flaw was discovered in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, resulting in a buffer overread. This can allow an attacker to potentially access sensitive information or cause a denial of service at the application level...
Astra Linux - уязвимость в freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol. Clients that use FreeRDP versions prior to 3.5.0 or 2.11.6 and have connections to servers using the NSC codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 address this issue. As a workaround, do not use the NSC...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: preventing integer overflow in shcsssetblackframe The values of “height” and “width” come from the user, so the multiplication of “height width” can cause an integer overflow...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: A integer overflow has been fixed in aie2queryctxstatusarray. The unpublished smatch static checker reported a warning. In drivers/accel/amdxdna/aie2pci.c, line 904 of aie2queryctxstatusarray: warn: Potential...
Astra Linux - уязвимость в glib2.0
A flaw was discovered in GLib. A integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds...
Astra Linux - уязвимость в expat, firefox, thunderbird
In libexpat before version 2.7.4, the doContent function does not properly determine the buffer size bufSize, as there is no check for integer overflow during the reallocation of the tag buffer...