CVE-2026-46263

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as an index into streamencregs, which has only 5 entries. When engid is ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4 file system. When the file system is shut down, the dirtyclusters counter is decremented...

Linux kernel 安全漏洞

The Linux kernel is the core used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the use of sscanf to parse the CO-RE accessor index in bpfcoreparsespec. When negative value...

CLSA-2026-1778007485 libnbd: Fix of CVE-2023-5215

CVE-2023-5215: fix nbdgetsize returning negative value for sizes larger than INT64MAX...

SUSE CVE-2026-39314

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the genericunpack function when parsing EXR files containing a crafted negative value for dataWindow.min.x. An attacker can cause the process to terminate unexpectedly by supplying a specially crafted E...

CVE-2026-34378 OpenEXR has a signed integer overflow in generic_unpack() when parsing EXR files with crafted negative dataWindow.min.x

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

PT-2026-30657

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...

CVE-2026-30522

A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application allows administrators to create "Loan Plans" with specific penalty rates for overdue payments. While the frontend interface prevents users from entering...

CVE-2026-30522

A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to improper server-side validation. The application allows administrators to create "Loan Plans" with specific penalty rates for overdue payments. While the frontend interface prevents users from entering...

CVE-2026-33029

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, an input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enter...

Unchecked Input for Loop Condition

Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition due to improper input validation in the POST /api/settings handler for the logrotate.interval field. An attacker can make the web interface unresponsive by submitting a negative interval value, causing...

CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

Moxa VPort Cameras Integer Underflow (CVE-2021-25846)

Improper validation of the ChassisID TLV in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a negative number passed to the memcpy function via a crafted lldp packet. This plugin only works with Tenable.ot. Please visit...

CVE-2022-42324

Oxenstored 32-31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the ndiscard parameter in the server's completion endpoints. An attacker can cause memory corruption, process crashes, or potentially execute arbitrary code by supplying a negative value that leads to out-of-boun...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking if dentry.stream.validsize is negative, which could lead to a denial of service attack...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990376)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990376 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msgid before read or write WHAT msgid is used as an array index and ...

📄 HTMLDOC 1.9.13 Stack Buffer Overflow

HTMLDOC versions 1.9.13 and below proof of concept exploit that demonstrates a stack buffer overflow vulnerability. !/usr/bin/env python3 Exploit Title: HTMLDOC 1.9.13 - Stack Buffer Overflow Google Dork: N/A Date: 2025-08-26 Exploit Author: wulfgarpro Vendor Homepage:...

EUVD-2016-10620

Malware in sbrugna...