AlmaLinux 8 : compat-libtiff3 (ALSA-2026:20585)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:20585 advisory. libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775 Tenable has extracted the...

CVE-2026-46062

ntfs3: fix integer overflow in rununpack volume boundary check...

PT-2026-43906

In the Linux kernel, the following vulnerability has been resolved: rxgk: Fix potential integer overflow in length check Fix potential integer overflow in rxgk extract token when checking the length of the ticket. Rather than rounding up the value to be tested which might overflow, round down the...

PT-2026-43890

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in create dirty log The argument count calculation in create dirty log performs args used = 2 + param count before validating against argc. When a user provides a param count close to UINT MAX via...

PT-2026-44591

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An integer overflow in ANGLE allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version 148.0.7778.216 or later...

ALSA-2026:21381 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

DEBIAN-CVE-2026-44983

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVE-2026-44983 smallbitvec: Safe API Triggered Heap Buffer Overflow via Integer Overflow

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVE-2026-44983 smallbitvec: Safe API Triggered Heap Buffer Overflow via Integer Overflow

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVE-2026-44983

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

rsync: Fix of 2 CVEs

CVE-2026-43618: fix integer overflow in compressed-token decoding that could leak rsync process memory contents over the wire - CVE-2026-29518: fix TOCTOU race on parent path components in non-chroot daemon by routing receiver/sender opens, chmod, and chdir through per- component ONOFOLLOW secure...

JLSEC-2026-545

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files...

JLSEC-2026-532

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

JLSEC-2026-531

A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used...

DEBIAN-CVE-2026-48691

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

CVE-2026-48690

FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packetstorage.hpp, the allocatebuffer function computes memorysizeinbytes as 'buffersizeinpackets maxcapturedpacketsize + sizeoffastnetmonpcappkthdrt +...

UBUNTU-CVE-2026-48691

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

CVE-2026-48691

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2026-7568

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...