611 matches found
CVE-2026-56003
Summary: CVE-2026-56003 describes a heap buffer overflow in libXfont2’s PCF parsing (ComputeScaledProperties) due to missing size checks, affecting libXfont2 up to version before 2.0.8. Impact per sources: authenticated X clients could trigger code execution in the X server (per NVD entry). Affec...
CVE-2026-56001 libXfont2 BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow
A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server to execute code within the X server cont...
[SECURITY] Fedora 43 Update: perl-Imager-1.032-1.fc43
Imager is a module for creating and altering images. It can read and write various image formats, draw primitive shapes like lines,and polygons, blend multiple images together in various ways, scale, crop, render text and more...
UBUNTU-CVE-2026-53356
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted...
[SECURITY] Fedora 43 Update: moby-engine-29.6.0-1.fc43
Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between =E2=80=94 and...
Linux Distros Unpatched Vulnerability : CVE-2026-53019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufre...
CVE-2026-53019
A flaw was found in the Linux kernel's clock clk driver for Spacemit's ccumix component. An inverted condition within the ccumixtriggerfc function can cause the system to skip frequency change triggers. This can lead to kernel panics during CPU frequency scaling, resulting in a Denial of Service...
EUVD-2026-38887
In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufreq scaling...
CVE-2026-53019
In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufreq scaling...
CVE-2026-53019 clk: spacemit: ccu_mix: fix inverted condition in ccu_mix_trigger_fc()
In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufreq scaling...
CVE-2026-52968
CVE-2026-52968 affects the Linux kernel KVM on s390. The root cause is double-scaling the GAIT table index: code in kvm_s390_pci_aif_enable(), kvm_s390_pci_aif_disable(), and aen_host_forward() multiplies the GAIT index by sizeof(struct zpci_gaite) even though gait is already a pointer to struct ...
PT-2026-51862
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM s390 PCI implementation where the GAIT table is indexed using double-scaling pointer arithmetic. The functions kvm s390 pci aif enable, kvm s390 pci aif disabl...
kernel: bnxt_en: Fix RSS context delete logic
A flaw was found in the bnxten driver of the Linux kernel. An issue in the RSS Receive Side Scaling context deletion logic can lead to a leak of VNICs Virtual Network Interface Controllers in the firmware. This can cause subsequent attempts to create new VNICs to fail, resulting in the loss of...
GHSA-H67P-54HQ-RP68 JS-YAML: Quadratic-complexity DoS in merge key handling via repeated aliases
Summary A crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relative...
CVE-2026-46669
OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's tryhonestpairingcheck function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...
CVE-2026-46669 `openvm-pairing` pairing check missing proper subfield check on scaling factor
OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's tryhonestpairingcheck function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...
CVE-2026-46669 `openvm-pairing` pairing check missing proper subfield check on scaling factor
OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's tryhonestpairingcheck function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...
CVE-2026-46669 `openvm-pairing` pairing check missing proper subfield check on scaling factor
OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's tryhonestpairingcheck function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a...
CVE-2026-46669
OpenVM-pairing vulnerability CVE-2026-46669: the openvm-pairing guest library’s try_honest_pairing_check previously did not verify that the scaling factor s lies in a proper subfield of Fp12, allowing incorrect pairing results. The issue has been patched in version 1.6.0; users should upgrade to ...
OpenVM 输入验证错误漏洞
OpenVM is an open-source, high-performance, and modularized zkVM framework designed for customization and scalability. Prior to OpenVM 1.6.0, there was a vulnerability related to input validation errors. This vulnerability stemmed from the tryhonestpairingcheck function in the openvm-pairing...