CVE-2026-8949

CVE-2026-8949 concerns an integer overflow in Firefox’s Widget: Win32 component. Affected software is Firefox 151 and Firefox ESR 140.11, which include the fix. The available documents do not specify explicit exploit details, impact scope beyond the overflow and version fixes, or whether active e...

CVE-2026-8949

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

EUVD-2026-30899

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-8949

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

UBUNTU-CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

CVE-2026-43492

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

CVE-2026-43492 lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

CVE-2026-43492

CVE-2026-43492 affects the Linux kernel crypto stack: mpi_read_raw_from_sgl() can underflow when subtracting lzeros from nbytes if an all-zero scatterlist is used, leading to a DoS with soft lockups. The vulnerability is triggered via KEYCTL_PKEY_ENCRYPT paths that create an all-zero scatterlist ...

EUVD-2026-30878

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl Yiming reports an integer underflow in mpireadrawfromsgl when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...

kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

Moderate: Red Hat Security Advisory: iputils security update

An update for iputils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Security update for python-Pillow

This update for python-Pillow fixes the following issue CVE-2026-42308: integer overflow in font processing can lead to denial of service bsc1265359. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternative...

Security update for postgresql15

This update for postgresql15 fixes the following issues Update to version 15.18. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

SUSE-SU-2026:1999-1 Security update for postgresql15

This update for postgresql15 fixes the following issues Update to version 15.18. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

glib: Integer overflow in in g_escape_uri_string()

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...

CVE-2026-27781 kernel_liteos_a has an integer overflow vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

CVE-2026-27781

CVE-2026-27781 affects OpenHarmony v6.0 and earlier, targeting the kernel_liteos_a component. The connected data indicate an integer overflow vulnerability that can be exploited by a local attacker to cause a denial of service . The CVSS v3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) and base ...

CVE-2026-27781 kernel_liteos_a has an integer overflow vulnerability

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

Updated postgresql15 packages fix security vulnerabilities

PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege. CVE-2026-6472 PostgreSQL server undersizes allocations, via integer wraparound. CVE-2026-6473 PostgreSQL timeofday can disclose portions of server memory. CVE-2026-6474 PostgreSQL pgbasebackup and pgrewind can overwrite...