742 matches found
PT-2026-47225
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027630 Crash type: Heap-use-after-free READ 4 Crash state: slice segment header::operator= slice segment header::read decoder context::read slice NAL...
OSV-2026-815 Heap-buffer-overflow in ihevcd_sao_shift_ctb
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422427 Crash type: Heap-buffer-overflow READ 1 Crash state: ihevcdsaoshiftctb ihevcdprocess ihevcdparseslicedata...
PT-2026-47120
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422427 Crash type: Heap-buffer-overflow READ 1 Crash state: ihevcd sao shift ctb ihevcd process ihevcd parse slice data...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fixed the issue with zerovruntime tracking. John reported that stress-ng-yield could cause his machine to behave abnormally. He managed to bisect the process to commit the change identified as b3d99f43c72b „sched/fair...
Astra Linux – Vulnerability in libde265
The Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service through the slicesegmentheader function in the slice.cc component...
OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads
Summary The Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. Details The vulnerable logic is in pkg/ebpf/common/sqldetectpostgres.go. In th...
GHSA-W8J3-PQ8G-8M7W iskorotkov/avro: CPU Exhaustion in Decoder
CPU Exhaustion in Avro Decoder via Unbounded Block-Count Iteration Summary The Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which is...
PT-2026-41783
Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description The Postgres protocol parser incorrectly assumes that BIND message payloads contain a valid NUL-terminated portal name. When processing a crafted empty or unterminated...
SUSE-SU-2026:1868-1 Security update for firebird
This update for firebird fixes the following issues - CVE-2025-65104: Information leak vulnerability in firebird3 client when used with newer = 4 server bsc1262330. - CVE-2026-27890: Pre-Auth DOS bsc1262328. - CVE-2026-28212: One packet DoS bsc1262329. - CVE-2026-28214: Server hangs when using...
SUSE CVE-2026-43323
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
PT-2026-39596
A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smf nsmf handle update data in vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulation of the argument qosFlowProfile leads to denial of service. Remote exploitation of the attac...
EUVD-2026-28607
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
CVE-2026-43323
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
UBUNTU-CVE-2026-43323
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
CVE-2026-43323 sched/fair: Fix zero_vruntime tracking fix
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
CVE-2026-43323
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
CVE-2026-43323
CVE-2026-43323 refers to a Linux kernel scheduler flaw in the fair scheduling component where zero_vruntime tracking could become inconsistent under certain conditions (e.g., frequent yield and multi‑cgroup scenarios). The linked sources describe a specific scenario with two runnable tasks exchan...
EUVD-2026-28480
A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogssbidiscoveryoptionaddservicenames in the library /lib/sbi/message.c of the component NSSF. The manipulation results in denial of service. The attack may be performed from remote. The exploit has been made public and...
EUVD-2026-28478
A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssfnnrfnsselectionhandlegetfromamforvnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. Executing a manipulation can lead to denial of service. The attack can be executed remotely. The exploit has...
CVE-2026-8123
A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogssbidiscoveryoptionaddsnssais in the library /lib/sbi/message.c of the component NSSF. This manipulation causes denial of service. It is possible to initiate the attack remotely. The exploit has been publicly...