Astra Linux – Vulnerability in libxml2

A flaw was discovered in the xmlBuildQName function of libxml2. Integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue may result in memory corruption or a denial of service when processing malicious input...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fbcon: fixed integer overflow in fbcondosetfont. Integer overflow vulnerabilities have been addressed in fbcondosetfont, where font size calculations might cause overflow when handling user-controlled font parameters. These...

USN-8329-1: FFmpeg vulnerability

It was discovered that the FFmpeg CAF decoder incorrectly handled certain file size calculations. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service...

CLSA-2026-1768413370 libpq: Fix of CVE-2025-12818

CVE-2025-12818: fix integer overflow in libpq size calculations to prevent undersized allocations and potential out-of-bounds writes from untrusted inputs...

CVE-2022-50763

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...

CVE-2025-12818

Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundreds of megabytes. This results in a segmentation fault for the application using libpq. Versions...

AZL-68468 CVE-2025-39967 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...

CVE-2025-39967

CVE-2025-39967 affects the Linux kernel, specifically a vulnerability in fbcon_do_set_font where integer overflow in font size calculations could occur when processing user-controlled parameters. The issue stems from unsafe size calculations in CALC_FONTSZ(h, pitch, charcount) and related allocat...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an integer overflow in font size calculations, which could lead to a buffer overflow...

CLSA-2025-1759856673 Fix CVE(s): CVE-2025-55154

SECURITY UPDATE: memory corruption vulnerability from unsafe magnified size calculations in ReadOneMNGIMage - debian/patches/CVE-2025-55154.patch: Fix type mismatch issue in png.c causing incorrect image dimensions calculation - CVE-2025-55154...

EUVD-2024-53793

Malicious code in bioql PyPI...

EUVD-2023-39841

Malicious code in bioql PyPI...

CLSA-2025-1759336759 libxml2: Fix of CVE-2025-6021

CVE-2025-6021: fix integer overflows in buffer size calculations...

libxml2: Fix of CVE-2025-6021

CVE-2025-6021: fix integer overflows in buffer size calculations...

OESA-2025-2194 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage in coders/png.c are unsafe and can overflow, leading to memory corruption. This issue has been...

CLSA-2025-1752655171 libxml2: Fix of 3 CVEs

CVE-2025-49794: fix use-after-free issue triggered by processing certain elements in input XML file. - CVE-2025-49796: fix memory corruption issue triggered by processing certain sch:name elements in input XML file. - CVE-2025-6021: fix integer overflow in buffer size calculations to prevent...

libgepub 输入验证错误漏洞

libgepub is a simple library by danigm personal developer that uses glib to read epub files. An input validation error vulnerability exists in libgepub that stems from incorrectly calculating file sizes when processing EPUB files, which could lead to a denial of service...

CVE-2025-6021

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

CVE-2019-14066

Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag...