16672 matches found

CVE
added 2026/03/04 5:47 p.m., 9 views

CVE-2026-20054

Cisco CVE-2026-20054 affects the Snort 3 VBA feature. The vulnerability stems from improper error checking when decompressing VBA data, allowing an unauthenticated attacker to send crafted VBA to the Snort 3 Detection Engine and force an infinite loop, resulting in DoS. CVSS‑3.1 metrics: AV:N/AC:L/PR...

CVSS: 5.8, AI score: 6, EPSS: 0.00042
Exploits: 0, References: 1

Cvelist
added 2026/03/04 5:47 p.m., 31 views

CVE-2026-20054 Cisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Infinite Loop Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. This vulnerability is due to improper error checking when decompressing VBA data. An attacker could exploit this...

CVSS: 5.8, EPSS: 0.00042
Exploits: 0, References: 1

OSV
added 2026/03/04 5:32 p.m., 3 views

CLSA-2026-1772452097 ImageMagick: Fix of 9 CVEs

- CVE-2026-25798: fix NULL pointer dereference in ClonePixelCacheRepository
- CVE-2026-24481: fix heap information disclosure in PSD handler
- CVE-2026-25799: fix division-by-zero in YUV sampling factor validation
- CVE-2026-26284: fix out-of-bounds read in PCD Huffman decoder
- CVE-2026-25897: fix...

CVSS: 9.8, AI score: 6.8, EPSS: 0.00065
Exploits: 0, References: 1

EUVD
added 2026/03/04 3:30 p.m., 2 views

EUVD-2026-9410

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize return value. romfs_fill_super ignores the return value of sb_set_blocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

AI score: 5.8, EPSS: 0.00011
Exploits: 0, References: 8

NVD
added 2026/03/04 3:16 p.m., 3 views

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize return value. romfs_fill_super ignores the return value of sb_set_blocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

CVSS: 5.5, EPSS: 0.00011
Exploits: 0, References: 8

UbuntuCve
added 2026/03/04 3:16 p.m., 3 views

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize return value. romfs_fill_super ignores the return value of sb_set_blocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

CVSS: 5.5, AI score: 5.7, EPSS: 0.00011
Exploits: 0, References: 9

ATTACKERKB
added 2026/03/04 2:38 p.m., 5 views

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize return value. romfs_fill_super ignores the return value of sb_set_blocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

AI score: 5.8, EPSS: 0.00011
Exploits: 0, References: 8, Affected Software: 1

CVE
added 2026/03/04 2:38 p.m., 14 views

CVE-2026-23238

CVE-2026-23238 (Linux kernel — romfs): The romfs implementation in the kernel failed to honor the return value of sb_set_blocksize(), continuing a mount when the requested ROMBSIZE (e.g., 4096) was incompatible with the device’s logical_block_size (e.g., 32768). This could occur by using LOOP_SET...

CVSS: 5.5, AI score: 5.8, EPSS: 0.00011
Exploits: 0, References: 8, Affected Software: 1

OSV
added 2026/03/04 10:13 a.m., 5 views

CLSA-2026-1772619215 Fix CVE(s): CVE-2026-25798, CVE-2026-25799, CVE-2026-26066

SECURITY UPDATE: integer overflow in pixel cache allocation
- debian/patches/CVE-2026-25798.patch: add CacheOverflowSanityCheckGetSize to detect overflow in numberpixelspacketsize in OpenPixelCache
- CVE-2026-25798
SECURITY UPDATE: infinite loop in IPTC metadata processing
-...

CVSS: 7.5, AI score: 6.7, EPSS: 0.00065
Exploits: 0, References: 1

Snyk
added 2026/03/04 12:29 a.m., 2 views

Heap-based Buffer Overflow

Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the drwav__read_smpl_to_metadata_obj function. An attacker can cause memory corruption by supplying a specially crafted WAV file that exploits a mismatch between sample loop count validation and processing,...

CVSS: 7.8, AI score: 6.1, EPSS: 0.00057
Exploits: 1, References: 2

Tenable Nessus
added 2026/03/04 12:0 a.m., 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005761)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005761 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed. Following process will trigger...

CVSS: 5.5, AI score: 5.9, EPSS: 0.00015
Exploits: 0, References: 4

Tenable Nessus
added 2026/03/04 12:0 a.m., 0 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005491)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005491 advisory. In the Linux kernel, the following vulnerability has been resolved: net: Fix an unsafe loop on the list. The kernel may crash when deleting a genetlink family if ther...

CVSS: 5.5, AI score: 5.9, EPSS: 0.00011
Exploits: 0, References: 3

CVE
added 2026/03/03 7:49 p.m., 12 views

CVE-2026-29022

Summary of CVE-2026-29022 (dr_libs): A heap buffer overflow affects dr_libs 0.14.4 and earlier via drwav__read_smpl_to_metadata_obj() in dr_wav.h. Attackers can exploit a mismatch between sampleLoopCount validation in pass 1 and unconditional processing in pass 2 to overflow heap allocations with...

CVSS: 7.8, AI score: 6, EPSS: 0.00057
Exploits: 1, References: 4, Affected Software: 1

SUSE Linux
added 2026/03/03 1:36 p.m., 1 view

Security update for zlib

This update for zlib fixes the following issue: CVE-2026-27171: Fixed infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths (bsc#1258392). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

CVSS: 6.9, AI score: 5.9, EPSS: 0.00009
Exploits: 1, References: 4

OSV
added 2026/03/03 1:36 p.m., 2 views

SUSE-SU-2026:0783-1 Security update for zlib

This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths (bsc#1258392)...

CVSS: 5.5, AI score: 5.9, EPSS: 0.00009
Exploits: 1, References: 3

RedHat Linux
added 2026/03/03 12:51 p.m., 1 view

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap-based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

CVSS: 8.3, AI score: 5.9, EPSS: 0.00104
Exploits: 1, References: 7

RedHat Linux
added 2026/03/03 1:15 a.m., 3 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap-based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

CVSS: 8.3, AI score: 5.9, EPSS: 0.00104
Exploits: 1, References: 7

RedHat Linux
added 2026/03/03 12:52 a.m., 1 view

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap-based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

CVSS: 8.3, AI score: 5.9, EPSS: 0.00104
Exploits: 1, References: 7

RedHat Linux
added 2026/03/03 12:14 a.m., 3 views

libpng: LIBPNG has a heap buffer overflow in png_set_quantize

A heap-based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...

CVSS: 8.3, AI score: 5.9, EPSS: 0.00104
Exploits: 1, References: 7

Broadcom
added 2026/03/03 12:0 a.m., 13 views

UDisks Daemon Vulnerable to Local Privilege Escalation via Negative Index in Loop Device Handler

Udisks is vulnerable to out-of-bounds read due to improper validation of the index parameter in the loop device handler. This could allow an attacker to crash the UDisks daemon or perform local privilege escalation by accessing files owned by privileged users...

CVSS: 8.5, AI score: 5.9, EPSS: 0.00034
Exploits: 1