348 matches found
CVE-2026-34540 iccDEV: HBO in icMemDump()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in icMemDump when iccDumpProfile attempts to dump/describe malformed tag contents. The issue is observable under...
CVE-2026-23399
In the Linux kernel, the following vulnerability has been resolved: nftables: nftdynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without being released....
CVE-2026-27940 llama.cpp has a Heap Buffer Overflow via Integer Overflow in `mem_size` Calculation — Bypass of CVE-2025-53630 Fix
llama.cpp is an inference of several LLM models in C/C++. Prior to b8146, the ggufinitfromfileimpl in gguf.cpp is vulnerable to an Integer overflow, leading to an undersized heap allocation. Using the subsequent fread writes 528+ bytes of attacker-controlled data past the buffer boundary. This is...
CVE-2026-27940
Summary of CVE-2026-27940 : The llama.cpp component has a vulnerability in gguf_init_from_file_impl() within gguf.cpp where an integer overflow leads to an undersized heap allocation. This enables a subsequent fread() to write 528+ bytes of attacker-controlled data past the buffer boundary, const...
Google Android elevation of privilege vulnerability (CNVD-2026-19056)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by an out-of-bounds write due to an integer overflow in multiple functions of memprotect.c. The vulnerability is caused by an integer overflow in th...
SUSE-SU-2026:0832-1 Security update for qemu
This update for qemu fixes the following issues: Security issue: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Non security issues: - hw/virtio: Also include md stubs in case CONFIGVIRTIOPCI is not set jscPED-14271. - s390x/pv: prepare for memory devices...
CVE-2026-0032
In multiple functions of memprotect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0038
In multiple functions of memprotect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
AZL-79356 CVE-2026-0031 affecting package hyperv-daemons 5.15.200.1-1
In multiple functions of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
AZL-79353 CVE-2026-0032 affecting package hyperv-daemons 5.15.200.1-1
In multiple functions of memprotect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
AZL-79385 CVE-2026-0032 affecting package hyperv-daemons 6.6.126.1-1
In multiple functions of memprotect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-9250
In multiple functions of memprotect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0032
In multiple functions of memprotect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2026-9242
In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0028
In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0028
In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-441808375
In hostcheckpagestaterange of memprotect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-443123065
In pkvmhostshareguest of memprotect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
edk2 security update
20241117-4.0.1.el97.3 - Replace upstream references Orabug:36569119 20241117-4.el97.3 - edk2-OvmfPkg-MemEncryptSevLib-Evict-cache-lines-during-SN.patch RHEL-125104 - edk2-MdePkg-Add-the-COHERENCYSFWNO-CPUID-bit-field.patch RHEL-125104 -...
CVE-2025-20070
Improper conditions check for the IntelR OptaneTM PMem management software before versions CRMGMT02.00.00.4052, CRMGMT03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity...