jq 输入验证错误漏洞

jq is a lightweight and flexible command-line JSON processor developed by jqlang. Versions of jq prior to 1.8.1 have a vulnerability related to input validation errors. This vulnerability stems from integer overflows in the jvpstringAppend and jvpstringCopyReplaceBad functions, which may lead to ...

OpenJPEG 输入验证错误漏洞

OpenJPEG is an open-source JPEG2000 encoding and decoding library based on C language, developed by the Université catholique de Louvain. Versions of OpenJPEG 2.5.4 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflow in the...

PT-2026-32447

Name of the Vulnerable Software and Affected Versions uclouvain openjpeg versions prior to 2.5.5 Description An integer overflow occurs in the opj pi initialise encode function within the src/lib/openjp2/pi.c library. This issue requires local access to be exploited. Recommendations Install the...

PT-2026-32524

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-44 ImageMagick versions prior to 7.1.2-19 Description The viff encoder contains an integer truncation or wraparound issue on 32-bit builds. This can trigger an out of bounds heap write, potentially causing ...

PT-2026-32245

Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335...

ImageMagick 缓冲区错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained a buffer error vulnerability. This vulnerability stemmed from integer...

PT-2026-32273

Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavior.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335...

Linux Distros Unpatched Vulnerability : CVE-2026-32316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend and jvpstringcopyreplacebad...

RHEL 10 : openexr (RHSA-2026:7682)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7682 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...

SAMSUNG Escargot 安全漏洞

SAMSUNG Escargot is a memory-optimized JavaScript engine developed by South Korea’s Samsung Corporation. It is suitable for mid-range devices such as smartphones, tablets, and TVs. SAMSUNG Escargot has a security vulnerability that stems from integer overflow or circular error conditions, which m...

ALSA-2026:7682 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

ImageMagick 安全漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 7.1.2-19 and 6.9.13-44 contained security vulnerabilities. These vulnerabilities were due ...

RHEL 10 : openexr (RHSA-2026:7678)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:7678 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...

PT-2026-32491

Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description An integer overflow occurs within the jvp string append and jvp string copy replace bad functions when concatenating strings with a combined length exceeding 2^31 bytes. This leads to a 32-bit unsigned...

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the MakerNote decoding process for Fuji and Olympus cameras. An attacker can cause a crash or leak information by providing specially crafted image files. Remediation A fix was pushed into the...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the Nikon MakerNote handling process. An attacker can cause crashes or leak information by triggering an unsigned 32-bit integer overflow. This is only exploitable if the system is 32-bit. Remediation A...

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...

CVE-2026-40386

In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs...