Updated ffmpeg packages fix security vulnerabilities

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input. CVE-2026-30997 FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC Common Encryption subsample data to...

CLSA-2026-1779370563 grub2: Fix of CVE-2025-0677

CVE-2025-0677: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks...

SUSE-SU-2026:21283-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

NI LabVIEW < 2023 Q3 Patch 9 / 2024.x < 2024 Q3 Patch 6 / 2025.x < 2025 Q3 Patch 4 / 2026.x < 2026 Q1 Patch 1 Multiple Memory Corruption Vulnerabilities

The version of National Instruments NI LabVIEW installed on the remote Windows host is affected by multiple memory corruption vulnerabilities that may result in information disclosure or arbitrary code execution, including the following: - There is an out-of-bounds read vulnerability in...

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-24528: Fixed out-of-bounds write caused by overflow when calculating ulog block size can lead to process crash bsc1236619. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of an overflow write...

CVE-2023-20756

In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928...

OOB Write ops.c

Environment bash Distributor ID: Debian Description: Debian GNU/Linux bookworm/sid Version I checked against the master branch at commit 50809a45ebde327cb6fdcc727d7466e926aed713 . Description This AddressSanitizer output is indicating a write to the 0x7fd0c2103000 address, this is because the...

PT-2023-35759 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow crash, specifically a WRITE 4 operation. The crash occurs in the fn ElIn evaluate function, which is call...

CLSA-2023-1677231280 git: Fix of 4 CVEs

CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links...

OSV-2022-145 Heap-buffer-overflow in print_mac

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44581 Crash type: Heap-buffer-overflow WRITE 4 Crash state: printmac logpacket dhcpreply...

SUSE: Security Advisory (SUSE-SU-2016:3080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Serivce (DoS)

busybox is vulnerable to denial of service. An integer overflow in the getnextblock function in archival/libarchive/decompressbunzip2.c may lead to a write access violation and result in an application crash...

CVE-2019-9302

In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661356...

xvid:fuzzer-decoder: Stack-buffer-overflow in BitstreamReadHeaders

Detailed Report: https://oss-fuzz.com/testcase?key=5638255688548352 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzerasanxvid Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7fff6d7f8058 Crash State: BitstreamReadHeaders...

SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2018:4187-1)

This update for perl fixes the following issues : Secuirty issues fixed : CVE-2018-18311: Fixed integer overflow with oversize environment bsc1114674. CVE-2018-18312: Fixed heap-buffer-overflow write / regnode overrun bsc1114675. CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \...

Debian DSA-4347-1 : perl - security update

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perlmysete...

skia/android_codec: Heap-buffer-overflow in swizzle_index_to_n32

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5755937772535808 Project: skia Fuzzer: aflskiaandroidcodec Fuzz target binary: androidcodec Job Type: aflasanskia Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 4 Crash Address:...

ALPINE-CVE-2016-9104

Multiple integer overflows in the 1 v9fsxattrread and 2 v9fsxattrwrite functions in hw/9pfs/9p.c in QEMU aka Quick Emulator allow local guest OS administrators to cause a denial of service QEMU process crash via a crafted offset, which triggers an out-of-bounds access...

Debian DLA-552-1 : binutils security update

Some minor security issues have been identified and fixed in binutils in Debian LTS. These are : CVE-2016-2226 Exploitable buffer overflow. CVE-2016-4487 Invalid write due to a use-after-free to array btypevec. CVE-2016-4488 Invalid write due to a use-after-free to array ktypevec. CVE-2016-4489...