ROS-20260610-73-0017

The vulnerability of the XPCOM component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

Microsoft Windows 数字错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Performance Monitor has a numerical error vulnerability. Attackers can exploit this vulnerability to execute code. The following products and versions are affected: Windows 1...

ROS-20260609-73-0025

The vulnerability of the Graphics component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

ROS-20260605-73-0053

The vulnerability of the XPCOM component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

ROS-20260605-73-0055

The vulnerability of the XPCOM component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

Wire-ios 数字错误漏洞

wire-ios is the client layer that handles all data displayed in mobile applications. Versions of wire-ios prior to 4.16.0 have a numerical error vulnerability, which stems from a lack of length checking. This vulnerability may lead to crashes when receiving specially crafted malicious Proteus...

Intel QAT software drivers for Windows 数字错误漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions of Intel QAT software drivers for Windows prior to version 1.13 contain a numerical error vulnerability. This vulnerabilit...

Modsecurity 数字错误漏洞

Modsecurity is an open-source web traffic security processing library developed by OWASP ModSecurity. Versions of Modsecurity from 3.0.0 to 3.0.15 contained a numerical error vulnerability. This vulnerability stemmed from an unsigned integer underflow, which led to unhandled exceptions and could...

bettercap 数字错误漏洞

Bettercap is an open-source framework for network attacks and security testing developed by Bettercap. Versions of Bettercap 2.41.5 and earlier contain a numerical error vulnerability. This vulnerability stems from an unknown function in the modules/mysqlserver/mysqlserver.go file of the MySQL...

bettercap 数字错误漏洞

Bettercap is an open-source framework for network attacks and security testing developed by Bettercap. Versions of Bettercap 2.41.5 and earlier contained a numerical error vulnerability. This vulnerability stemmed from an integer coercion conversion error in the ippReadChunkedBody function within...

FlashMQ 数字错误漏洞

FlashMQ is a fast and lightweight MQTT proxy server developed by Wiebe Cazemier. Versions of FlashMQ prior to 1.26.1 contained a numerical error vulnerability. This vulnerability could cause the FlashMQ proxy to crash and lead to a denial-of-service attack when the setretainedmessagedefertimeout...

Red Hat Enterprise Linux 数字错误漏洞

Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by Red Hat, Inc. Red Hat Enterprise Linux 10 contains a numerical error vulnerability. This vulnerability stems from the allowed use of zero-length and non-zero offset fragments during DTLS handshake parsing. This...

MongoDB Server 数字错误漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a numerical error vulnerability in MongoDB Server, where the MD5 checks...

PowerDNS DNSdist 数字错误漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a numerical error vulnerability; this vulnerability stems from the ability of clients to trigger a zero error by sending a specially...

CVE-2026-34317

CVE-2026-34317 affects Oracle MySQL Shell (Shell: Core Client). Affected versions are 8.0.0–8.0.45, 8.4.0–8.4.8, and 9.0.0–9.6.0. The vulnerability exists in the Core Client component and can be exploited by a user who has logon to the environment where MySQL Shell executes, indicating a local at...

Microsoft Hyper-V 数字错误漏洞

Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. Microsoft Hyper-V has a numerical error vulnerability. Attackers can exploit this vulnerability to execute code. The following produc...

Microsoft Windows Storage Spaces Controller 数字错误漏洞

Microsoft Windows Storage Spaces Controller is a necessary driver provided by Microsoft for providing storage space functions. There is a numerical error vulnerability in Microsoft Windows Storage Spaces Controller. Attackers can exploit this vulnerability to gain higher privileges. The following...

ImageMagick 数字错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 7.1.2-189 and 6.9.13-44 contained a numerical error vulnerability. This vulnerability stemmed from the...

osslsigncode 数字错误漏洞

Osslsigncode is a small tool developed by Michał Trojnara as an individual project. It implements some functions of the Microsoft tool signtool.exe. Versions of Osslsigncode prior to version 2.13 contained a numerical error vulnerability. This vulnerability stemmed from the PE page hash calculati...

core-rs-albatross 数字错误漏洞

core-rs-albatross is a Rust implementation of the Albatross protocol developed by Nimiq. Versions prior to 1.3.0 of core-rs-albatross contained a numerical error vulnerability. This vulnerability stems from the fact that the discovery processor accepts peer control restrictions without any change...