
19 matches found

CVE
added 2026/05/27 7:58 p.m., 9 views

CVE-2026-48065

The CVE-2026-48065 issue affects pam_usb for Linux prior to version 0.9.1. In src/conf.c, heap memory is allocated as size proportional to n_devices (derived from libxml2 XPath on the config file) without an upper bound. On 32-bit targets (armv7l, i686 listed in the Makefile), n_devices * sizeof(...

CVSS 6.7, AI score 5.9, EPSS 0.00022
Exploits 0, References 3
Vulnrichment
added 2026/05/27 7:58 p.m., 6 views

CVE-2026-48065 pam_usb: Unchecked integer multiplication before xmalloc() in conf.c allows heap-based buffer overflow on 32-bit targets

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n_devices, a count derived from libxml2 XPath evaluation of the config file, without first enforcing an upper bound. On 32-bit targets armv7l, i686 --...

CVSS 6.7, AI score 5.9, EPSS 0.00022
Exploits 0, References 3
Cvelist
added 2026/05/27 7:58 p.m., 38 views

CVE-2026-48065 pam_usb: Unchecked integer multiplication before xmalloc() in conf.c allows heap-based buffer overflow on 32-bit targets

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/conf.c allocates heap memory proportional to n_devices, a count derived from libxml2 XPath evaluation of the config file, without first enforcing an upper bound. On 32-bit targets armv7l, i686 --...

CVSS 6.7, EPSS 0.00022
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2018-10908

Malware in sbrugna...

CVSS 9.8, AI score 9.2, EPSS 0.00661
Exploits 0, References 8
EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2016-7773

Malware in sbrugna...

CVSS 4.4, AI score 6.5, EPSS 0.00098
Exploits 0, References 12
Vulnrichment
added 2025/06/13 3:21 p.m., 8 views

CVE-2025-6035 Gimp: gimp integer overflow

A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel imgbpp, which can result in allocating insufficient memory and subsequently performi...

CVSS 6.1, AI score 8.1, EPSS 0.00035
Exploits 0, References 3
CNNVD
added 2023/06/15 12:0 a.m., 1 view

Snappy input validation error vulnerability

Snappy is a PHP library from KNP Labs Individual Developers that allows thumbnails, snapshots, or PDFs to be generated from url or html pages. Snappy An input validation error vulnerability exists in versions prior to snappy-java 1.1.10.1, which stems from an unchecked multiplication operation th...

CVSS 7.5, AI score 6.9, EPSS 0.00611
Exploits 1, References 10
CNNVD
added 2023/06/15 12:0 a.m., 1 view

snappy-java input validation error vulnerability

snappy-java is the java port of snappy, a compression program by Taro L. Saito Personal Developer. An input validation error vulnerability exists in versions of snappy-java prior to 1.1.10.1, which stems from an unchecked multiplication operation that could result in an integer overflow leading t...

CVSS 7.5, AI score 6.9, EPSS 0.00667
Exploits 0, References 8
SUSE CVE
added 2023/02/15 4:22 a.m., 1 view

SUSE CVE-2018-19199

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery or uriComposeQueryEx function because of an unchecked multiplication...

CVSS 9.8, AI score 7.3, EPSS 0.00661
Exploits 0, References 6
RedHat Linux
added 2019/08/06 1:24 p.m., 2 views

uriparser: Integer overflow via uriComposeQuery* or uriComposeQueryEx* function

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery or uriComposeQueryEx function because of an unchecked multiplication...

CVSS 9.8, AI score 5.9, EPSS 0.00661
Exploits 0, References 4
Veracode
added 2019/05/02 6:36 a.m., 29 views

Integer Overflow

QEMU is vulnerable to integer overflow attacks. This occurs in the nettxpktinit function in hw/net/nettxpkt.c. A local user can cause an application crash via the maximum fragmentation count which also triggers an unchecked multiplication and null pointer dereference as well...

CVSS 4.4, AI score 6.3, EPSS 0.00098
Exploits 0, References 216, Affected Software 1
RedhatCVE
added 2018/11/21 9:51 a.m., 18 views

CVE-2018-19199

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery or uriComposeQueryEx function because of an unchecked multiplication...

CVSS 9.8, AI score 5.7, EPSS 0.00661
Exploits 0, References 2
OSV
added 2018/11/12 3:29 p.m., 1 view

DEBIAN-CVE-2018-19199

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery or uriComposeQueryEx function because of an unchecked multiplication...

CVSS 9.8, AI score 9.2, EPSS 0.00661
Exploits 0, References 1
OSV
added 2018/11/12 3:29 p.m., 1 view

UBUNTU-CVE-2018-19199

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery or uriComposeQueryEx function because of an unchecked multiplication...

CVSS 9.8, AI score 7.2, EPSS 0.00661
Exploits 0, References 6
Debian CVE
added 2018/11/12 3:0 p.m., 21 views

CVE-2018-19199

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery or uriComposeQueryEx function because of an unchecked multiplication...

CVSS 9.8, AI score 9.6, EPSS 0.00661
Exploits 0
OSV
added 2016/11/03 10:58 a.m., 12 views

SUSE-SU-2016:2714-1 Security update for curl

This update for curl fixes the following security issues: - CVE-2016-8624: invalid URL parsing with '' bsc1005646 - CVE-2016-8623: Use-after-free via shared cookies bsc1005645 - CVE-2016-8621: curlgetdate read out of bounds bsc1005642 - CVE-2016-8619: double-free in krb5 code bsc1005638 -...

CVSS 9.8, AI score 8.2, EPSS 0.04507
Exploits 0, References 21
OSV
added 2016/11/02 8:0 a.m., 9 views

CURL-CVE-2016-8617 OOB write via unchecked multiplication

In libcurl's base64 encode function, the output buffer is allocated as follows without any checks on insize: malloc(insize * 4 / 3 + 4). On systems with 32-bit addresses in userspace (e.g. x86, ARM, x32), the multiplication in the expression wraps around if insize is at least 1GB of data. If this...

CVSS 7, AI score 7.2, EPSS 0.00083
Exploits 0
Prion
added 2015/10/01 12:59 a.m., 28 views

Integer overflow

Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related...

CVSS 10, AI score 8.1, EPSS 0.87202
Exploits 6, References 8, Affected Software 1
Zero Day Initiative
added 2011/06/14 12:0 a.m., 22 views

Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within AudioMixer.x32...

CVSS 7.5, AI score 4.9, EPSS 0.07249
Exploits 0, References 1