CLSA-2026-1779465893 postgresql: Fix of CVE-2026-6473

CVE-2026-6473: tsearch: bound StartSel/StopSel/FragmentDelimiter length to PGINT16MAX in tsheadline - CVE-2026-6473: contrib/ltree: guard lquery parsing against numvar and totallen wraparound - CVE-2026-6473: regex: add overflow-checked MALLOCARRAY/REALLOCARRAY and bound NFA state/color products...

CVE-2026-42343

FastGPT is an AI Agent building platform. In versions 4.14.13 and prior, the code-sandbox component suffers from insufficient resource isolation and uncontrolled resource consumption. The service relies solely on an application-level soft limit a 500ms polling interval for memory management and...

CVE-2026-42343 FastGPT: Uncontrolled Resource Consumption leading to Sandbox Exhaustion

FastGPT is an AI Agent building platform. In versions 4.14.13 and prior, the code-sandbox component suffers from insufficient resource isolation and uncontrolled resource consumption. The service relies solely on an application-level soft limit a 500ms polling interval for memory management and...

FastGPT 资源管理错误漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT 4.14.13 and earlier contain a resource management vulnerability. This vulnerability stems from insufficient resource isolation in the code-sandbox component,...

UBUNTU-CVE-2026-33298

llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the ggmlnbytes function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes ggmlnbytes to return a significantly smaller...

EUVD-2026-14668

llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the ggmlnbytes function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes ggmlnbytes to return a significantly smaller...

PT-2026-27272

Name of the Vulnerable Software and Affected Versions llama.cpp versions prior to b7824 Description The software is susceptible to an integer overflow in the ggml nbytes function. This allows an attacker to bypass memory validation by creating a specially crafted GGUF file with specific tensor...

EUVD-2018-7376

Malware in sbrugna...

CVE-2025-38727

In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlinkunicast netlinkattachskb checks for the socket's read memory allocation constraints. Firstly, it has: rmem skrcvbuf to check if the just increased rmem value fits into the socket's...

CVE-2025-38727

Linux kernel vulnerability CVE-2025-38727 affects netlink in the Linux kernel. A bug in netlink_attachskb() may cause an infinite retry loop when memory checks for skb->truesize against sk_rcvbuf are inconclusive (rmem + skb->truesize > sk_rcvbuf), potentially triggering an rcu_sched sta...

UBUNTU-CVE-2025-29364

spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READSYSCALL and WRITESYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By configuring the starting and ending addresses for memory...

CVE-2025-29364

CVE-2025-29364 affects spimsimulator spim versions prior to 9.1.24. The vulnerability is a buffer overflow in the READ_SYSCALL and WRITE_SYSCALL paths caused by bypassing memory address validation, allowing memory corruption when starting/ending memory read/write addresses point to distinct VM me...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that stems from a lack of memory requirement checking when calling IOCTL from user space to the camera kernel driver, which could lead to memory corruptio...

CVE-2021-47640

In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. It not only causes false positives but also false negative as shown the following text. Fix ...

USN-7070-1: libarchive vulnerabilities

It was discovered that libarchive mishandled certain memory checks, which could result in a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubun...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : libarchive vulnerabilities (USN-7070-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7070-1 advisory. It was discovered that libarchive mishandled certain memory checks, which could result in a...

Important: thunderbird

Issue Overview: Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox 129, Firefox ESR 115.14, Firefox ESR 128.1, Thunderbird 128.1, and Thunderbird...

CVE-2022-23817

Insufficient checking of memory buffer in AMD Secure Processor ASP Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation...

UBUNTU-CVE-2024-26947

In the Linux kernel, the following vulnerability has been resolved: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses Since commit a4d5613c4dc6 "arm: extend pfnvalid to take into account freed memory map alignment" changes the semantics of pfnvalid to check presence of t...

CVE-2021-46757

Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation...