Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An integer overflow vulnerability exists in multiple Mozilla products,...

llama.cpp 输入验证错误漏洞

Llama.cpp is a multimodal model developed by Georgi Gerganov. Previous versions of llama.cpp b7824 contained a vulnerability related to input validation errors. This vulnerability stemmed from an integer overflow in the ggmlnbytes function, which could lead to a heap buffer overflow and remote co...

PT-2026-27309

Name of the Vulnerable Software and Affected Versions ART versions prior to 1.25.12 Description An integer overflow or wraparound issue exists in the ART raw image editor’s rtengine modules, specifically related to the dcraw.C program file. This can potentially lead to unexpected behavior or...

PT-2026-27340

Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11...

bcrypt-ruby 输入验证错误漏洞

bcrypt-ruby is an open-source secure password hashing tool developed by bcrypt-ruby. Versions of bcrypt-ruby prior to 3.1.22 had a vulnerability related to input validation. This vulnerability stemmed from integer overflow in the JRuby implementation, which led to enhanced circular zero iteration...

Mozilla多款产品 代码问题漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products that stem...

Android ImageMagick 安全漏洞

Android ImageMagick is an image processing library developed by Cherry’s individual developer for the Android platform. Versions of Android ImageMagick prior to 7.1.2-11 contained security vulnerabilities, which were caused by integer overflows or circular errors...

(lib)tiff -- Integer Overflow or Wraparound

PrymEvol and Quang Luong reports: A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrec...

ART 安全漏洞

ART is an open-source cross-platform RAW image processing program developed by ART raw image processor. Versions of ART prior to 1.25.12 contain security vulnerabilities, which stem from integer overflows or circular errors. These vulnerabilities may cause issues with the program file dcraw.C...

CVE-2026-25075

strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the cgltfvalidate function when processing sparse accessors. An attacker can cause out-of-bounds reads and potential memory disclosure by supplying crafted glTF/GLB files with attacker-controlled size...

CVE-2026-25075

The CVE-2026-25075 issue is an integer underflow in strongSwan’s EAP-TTLS AVP parser affecting versions 4.5.0 through 6.0.4, which can crash the charon IKE daemon (DoS) via crafted AVP length fields during IKEv2 authentication. Mitigation: upgrade to strongSwan 6.0.5 or later (as confirmed by Mag...

EUVD-2026-14448

cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltfvalidate function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecke...

[SECURITY] [DSA 6176-1] strongswan security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6176-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez March 23, 2026 https://www.debian.org/security/faq -...

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

SUSE-SU-2026:0981-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472...

Security update for strongswan

This update for strongswan fixes the following issues: CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run t...

SUSE-SU-2026:0980-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472...

SUSE-SU-2026:0979-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472...

SUSE-SU-2026:0978-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-25075: Fixed integer underflow when handling EAP-TTLS AVP bsc1259472. Other bug fixes: -Fix rpm scripts to not break swanctl.conf use bsc1256442: Guard rpm migration scripts migrating strongswan.service using ipsec.conf on less tha...