cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

CVE-2025-47394

Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the readline function in the mdbload.c file. An attacker can cause a denial of service or potentially access limited heap memory contents by providing malformed input that triggers an unsigned offset calculation t...

CVE-2025-47394

Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations...

CVE-2026-21487

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a possible memory corruption due to an offset calculation error copying overlapping buffers during memory operations...

CVE-2025-47394 Buffer Copy Without Checking Size of Input in DSP Service

Memory corruption when copying overlapping buffers during memory operations due to incorrect offset calculations...

Malware-Analysis-Project-SLMAIL-5.5-BOF-

Malware Analysis Project Introduction to exploit development w...

cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked

A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...

CVE-2026-21487

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2...

CVE-2026-21487 iccDEV has Out-of-bounds Read, Use of Out-of-range Pointer Offset and Improper Input Validation

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2...

EUVD-2026-1154

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2...

CVE-2026-21487

iccDEV’s CVE-2026-21487 is a localization/color-management library flaw where versions 2.3.1.1 and earlier suffer an Out-of-bounds Read, Use of Out-of-range Pointer Offset, and Improper Input Validation in CIccProfile::LoadTag. The issue is fixed in version 2.3.1.2. Public sources (NVD/Red Hat an...

PT-2026-1409

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below contain issues including an Out-of-bounds Read, Use of Out-of-range Pointer Offset,...

PT-2026-1544

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A memory corruption issue arises from incorrect offset calculations during memory operations, specifically when copying overlapping buffers. This can lead to unpredictable behavior and potential...

ALSA-2026:0123 Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

CVE-2025-68760

The CVE-2025-68760 entry concerns a Linux kernel vulnerability in the AMD IOMMU where iommu_mmio_write() validates the user offset against mmio_phys_end - 4 (assuming 4-byte access), but iommu_mmio_show() performs an 8-byte read (readq). If the offset equals mmio_phys_end - 4, this allows a 4-byt...

Linux Distros Unpatched Vulnerability : CVE-2023-54255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sh: dma: Fix DMA channel offset calculation Various SoCs of the SH3, SH4 and SH4A family, which use this driver, feature a differing number of DMA channels, whi...