KLA90973 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, obtain sensitive information, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Policy bypa...

Mozilla -- Incorrect boundary conditions, integer overflow

https://bugzilla.mozilla.org/showbug.cgi?id=2017867 reports: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability caused by integer overflow in Skia, which could allow arbitrary code to be executed in a sandbox through specially crafted HTML pages...

PT-2026-30823

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149.0.2 Firefox ESR versions prior to 140.9.1 Thunderbird versions prior to 149.0.2 Thunderbird versions prior to 140.9.1 Description The software contains incorrect boundary conditions and an integer overflow within...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

PT-2026-30833

Name of the Vulnerable Software and Affected Versions LibRaw versions prior to Commit 8dc68e2 Description An integer overflow exists in the uncompressed fp dng load raw functionality of LibRaw. A specially crafted malicious file can trigger a heap buffer overflow. An attacker can provide a...

PT-2026-30791

Name of the Vulnerable Software and Affected Versions Versions prior to patch ALPS09963054 Description An out-of-bounds write issue exists in secure boot due to an integer overflow. This could result in a local denial of service if an attacker has physical access to the device and user execution...

LibRaw uncompressed_fp_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2363 LibRaw uncompressedfpdngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-24450 SUMMARY An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious...

LibRaw deflate_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2364 LibRaw deflatedngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20884 SUMMARY An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead ...

KLA90969 Multiple vulnerabilities in Mozilla Thunderbird ESR

Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Memory safety vulnerability can be exploited to execute arbitrary code. 2. Incorrec...

OpenPrinting CUPS 数字错误漏洞

OpenPrinting CUPS is an open-source printing system developed by OpenPrinting Corporation, suitable for Linux® and other Unix®-based operating systems. Versions of OpenPrinting CUPS prior to 2.4.16 contain a numerical error vulnerability. This vulnerability stems from the ppdCreateFromIPP functio...

Libraw 安全漏洞

Libraw is a C++ library developed by Libraw Inc. that processes RAW CRW/CR2, NEF, RAF, DNG, and other formats images. It supports various operating systems. Libraw has a security vulnerability, which stems from an integer overflow in the deflatedngloadraw function, potentially leading to a heap...

KLA90970 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics can be exploited to cause...

CVE-2026-35201

Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...

UBUNTU-CVE-2026-35201

Discount is an implementation of John Gruber's Markdown markup language in C. From 1.3.1.1 to before 2.2.7.4, a signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser,...

CVE-2026-34588

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

ImageMagick: ImageMagick: Out-of-bounds read or write due to integer overflow in DIB coder

A flaw was found in ImageMagick, a free and open-source software used for editing and manipulating digital images. An integer overflow vulnerability in the DIB Device Independent Bitmap coder component can be exploited by a remote attacker. By processing a specially crafted image file, this flaw...

EUVD-2025-209224

Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation...

rdiscount has an Out-of-bounds Read

Summary A signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser, allowing the parser to read past the end of the supplied buffer and crash the process Details In both...

GHSA-6R34-94WQ-JHRC rdiscount has an Out-of-bounds Read

Summary A signed length truncation bug causes an out-of-bounds read in the default Markdown parse path. Inputs larger than INTMAX are truncated to a signed int before entering the native parser, allowing the parser to read past the end of the supplied buffer and crash the process Details In both...