65980 matches found
CVE-2026-4731
The CVE-2026-4731 issue is an Integer Overflow or Wraparound vulnerability in ART’s artraweditor (rtengine) modules, tied to the dcraw.C file. Affected software is ART versions before 1.25.12. Documented impact indicates potential instability, with high-severity metrics (CRITICAL) and local attac...
DEBIAN-CVE-2026-4679
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2026-4679
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2026-33298
llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the ggmlnbytes function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes ggmlnbytes to return a significantly smaller...
CVE-2026-4679
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2026-4679
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...
CVE-2026-4679
CVE-2026-4679 describes an integer overflow in Chrome’s Fonts code, allowing a remote attacker to trigger an out-of-bounds memory write via a crafted HTML page. Affected software: Google Chrome (Chromium-based) prior to version 146.0.7680.165. Root cause: integer overflow in the Fonts component. ...
CVE-2026-33306
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306 bcrypt-ruby has an Integer Overflow that Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby
bcrypt-ruby is a Ruby binding for the OpenBSD bcrypt password hashing algorithm. Prior to version 3.1.22, an integer overflow in the Java BCrypt implementation for JRuby can cause zero iterations in the strengthening loop. Impacted applications must be setting the cost to 31 to see this happen. T...
CVE-2026-33306
CVE-2026-33306 affects bcrypt-ruby (JRuby Java BCrypt implementation) where a signed 32-bit integer overflow at cost=31 causes the key-strengthening loop to run zero iterations, collapsing bcrypt from 2^31 rounds to effectively constant time. This leads to weaker hashes that may be exploitable. T...
EUVD-2026-14668
llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the ggmlnbytes function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes ggmlnbytes to return a significantly smaller...
CVE-2026-33298
Summary (CVE-2026-33298) : llama.cpp (C/C++) contains an integer overflow in the ggml_nbytes function during GGUF tensor parsing, allowing an attacker to bypass memory validation by crafting tensor dimensions. This can cause ggml_nbytes to report a far too small size (examples cite 4 MB vs exabyt...
CVE-2026-33298 llama.cpp has a Heap Buffer Overflow via Integer Overflow in GGUF Tensor Parsing
llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the ggmlnbytes function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes ggmlnbytes to return a significantly smaller...
CVE-2026-33298
llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the ggmlnbytes function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes ggmlnbytes to return a significantly smaller...
PT-2026-27317
Name of the Vulnerable Software and Affected Versions InsightSoftwareConsortium ITK versions prior to 2.7.1 Description An integer overflow or wraparound condition exists in the Expat parser within the ITK software. This issue is network-reachable and allows for automatable exploitation. The...
ITK 安全漏洞
ITK is an open-source cross-platform tool suite for scientific image processing and segmentation, developed by the Insight Software Consortium. Versions of ITK prior to 2.7.1 contained security vulnerabilities, which were caused by integer overflow or circularity errors...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in several Mozilla products,...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...