Lucene search

181 matches found

NVD
added 5 days ago, 8 views

CVE-2026-9143

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions...

6.3 CVSS, 0.00179 EPSS
Exploits 0, References 2
CVE
added 5 days ago, 11 views

CVE-2026-9143

CVE-2026-9143 describes an incorrect conversion between numeric types in NI grpc-device due to missing range checks in CodeGen, potentially discarding high bits when a size value exceeds the target type’s range. Affected: NI grpc-device ≤ 2.17.0. Metrics: CVSSv3.1 base 3.7 (LOW); CVSSv4.0 base 6....

6.3 CVSS, 5.8 AI score, 0.00179 EPSS
Exploits 0, References 2
Cvelist
added 5 days ago, 26 views

CVE-2026-9143 Incorrect Conversion between Numeric Types in NI grpc-device due to missing range checks in CodeGen

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions...

6.3 CVSS, 0.00179 EPSS
Exploits 0, References 2
AstraLinux
added 5 days ago, 3 views

Astra Linux – Vulnerability in Samba

A flaw was discovered in Samba. Some SMB1 write requests were not properly range-checked to ensure that the client had sent enough data to complete the write operation. As a result, the contents of the server’s memory were written to the file or printer, rather than the data provided by the clien...

4.3 CVSS, 6.1 AI score, 0.00962 EPSS
Exploits 0, References 2
OSV
added 2026/05/19 8:50 p.m., 6 views

CLSA-2026-1779223801 samba: Fix of CVE-2022-32742

CVE-2022-32742: fix server memory information leak via SMB1; insufficient range-check on SMB1 write request length allowed server memory contents to leak into the written file or printer instead of client-supplied bytes...

4.3 CVSS, 5.8 AI score, 0.00962 EPSS
Exploits 0, References 1
OSV
added 2026/05/09 12:32 p.m., 6 views

OESA-2026-2230 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89 ("ANSI C"). uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

5.1 CVSS, 5.8 AI score, 0.00172 EPSS
Exploits 0, References 3
AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: An out-of-bounds access occurred in dtv5100_i2c_msg. The rlen value is a user-controlled value, but dtv5100_i2c_msg does not check the size of the rlen value. Therefore, if the rlen value is set to a value...

5.3 AI score, 0.00173 EPSS
Exploits 0, References 1
NVD
added 2026/04/27 7:16 a.m., 11 views

CVE-2026-42371

uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes...

5.1 CVSS, 0.00172 EPSS
Exploits 0, References 3
AlpineLinux
added 2026/04/27 5:50 a.m., 5 views

CVE-2026-42371

uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes...

5.1 CVSS, 5.8 AI score, 0.00172 EPSS
Exploits 0
CNNVD
added 2026/04/27 12:0 a.m., 6 views

Uriparser security vulnerability

UriParser is a C89-compatible library for parsing and processing URIs, strictly conforming to RFC 3986 standards. Versions of UriParser prior to 1.0.1 contained security vulnerabilities, which were caused by numerical truncation during text range comparisons...

5.1 CVSS, 5.8 AI score, 0.00172 EPSS
Exploits 0, References 2
Microsoft CVE
added 2026/04/23 8:7 a.m., 3 views

netfilter: ctnetlink: use netlink policy range checks

...

5.5 CVSS, 5.2 AI score, 0.00123 EPSS
Exploits 0
RedhatCVE
added 2026/04/22 7:22 a.m., 4 views

CVE-2026-5466

wolfSSL's ECCSI signature verifier wc_VerifyEccsiHash decodes the r and s scalars from the signature blob via mp_read_unsigned_bin with no check that they lie in [1, q-1]. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

8.1 CVSS, 5.7 AI score, 0.00147 EPSS
Exploits 0, References 1
Tenable Nessus
added 2026/04/22 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31495

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that...

5.5 CVSS, 5.9 AI score, 0.00123 EPSS
Exploits 0, References 3
CVE
added 2026/04/10 3:0 a.m., 30 views

CVE-2026-5466

CVE-2026-5466 affects wolfSSL’s ECCSI verifier wc_VerifyEccsiHash, which decodes r and s without validating they lie in [1, q-1]. This could allow forging a signature to verify against any message for any identity using publicly-known constants. Connected docs confirm the root cause: missing sani...

8.1 CVSS, 5.9 AI score, 0.00147 EPSS
Exploits 0, References 1, Affected Software 1
OSV
added 2026/01/30 9:59 a.m., 4 views

OPENSUSE-SU-2026:20138-1 Security update for jasper

This update for jasper fixes the following issues: Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high (bsc#1247901). - CVE-2025-8836: Added some missing range checking on several coding parameters in the J...

7.8 CVSS, 5.8 AI score, 0.00205 EPSS
Exploits 3, References 6
OSV
added 2026/01/30 9:58 a.m., 5 views

SUSE-SU-2026:20200-1 Security update for jasper

This update for jasper fixes the following issues: Update to 4.2.8: - CVE-2025-8837: Fixed a bug in the JPC decoder that could cause bad memory accesses if the debug level is set sufficiently high (bsc#1247901). - CVE-2025-8836: Added some missing range checking on several coding parameters in the J...

7.8 CVSS, 5.8 AI score, 0.00205 EPSS
Exploits 3, References 7
Tenable Nessus
added 2026/01/20 12:0 a.m., 6 views

MiracleLinux 8 : java-17-openjdk-17.0.10.0.7-2.el8 (AXSA:2024-7459:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7459:03 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: incorrect handling of ZIP files with...

7.5 CVSS, 6.8 AI score, 0.00911 EPSS
Exploits 0, References 7
RedhatCVE
added 2026/01/15 1:24 a.m., 7 views

CVE-2025-68819

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg rlen value is a user-controlled value, but dtv5100_i2c_msg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeof(st->data), an...

6.1 CVSS, 5.8 AI score, 0.00173 EPSS
Exploits 0, References 4
UbuntuCve
added 2026/01/13 4:16 p.m., 5 views

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in name_size 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst. Address the issue by only processing...

5.8 AI score, 0.00166 EPSS
Exploits 0, References 10
ATTACKERKB
added 2026/01/13 3:29 p.m., 3 views

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in name_size 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst. Address the issue by only processing...

5.2 AI score, 0.00166 EPSS
Exploits 0, References 4, Affected Software 1