215 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-58016
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GLib. A state confusion issue exists in gdbusnodeinfonewforxml in the gio/gdbusintrospection.c file when processing malformed D-Bus...
RLSA-2023:6621 Moderate: protobuf-c security update
The protobuf-c packages provide C bindings for Google's Protocol Buffers. Security Fixes: protobuf-c: unsigned integer overflow in parserequiredmember CVE-2022-48468 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, ref...
protobuf-c security update
An update is available for protobuf-c. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The protobuf-c packages provide C bindings for Google's Protocol Buffers...
libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling
A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...
CVE-2026-47223
NanaZip (derivative of 7‑Zip) is affected from 3.0.1000.0 up to before 6.0.1698.0. The vulnerability is a heap out‑of‑bounds read in the AVB vbmeta image parser (AvbHandler) caused by a 32‑bit unsigned overflow in the bounds check (pos + ht.salt_len > descSize) that lets an attacker‑controlled...
CVE-2026-7383
A flaw was found in OpenSSL. A signed integer overflow vulnerability exists when sizing the destination buffer for Unicode output. This can lead to a heap buffer overflow, which may result in a crash or potentially allow an attacker to execute arbitrary code. Exploitation requires an application ...
Astra Linux – Vulnerability in protobuf-c, libsignal-protocol-c
Protobuf-c before version 1.4.1 has an unsigned integer overflow in the parserequiredmember field...
Astra Linux – Vulnerability in imagemagick
In ImageMagick, there is a value of the type 'unsigned int' that is outside the representable range in MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/rose: integer overflows can occur when using rosesetsockopt with potentially excessively large arguments, along with additional values being applied to them. To mitigate this issue, perform the following actions as a minimum...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the Chunk process when handling files with a samplesperchunk value of zero. An attacker can cause a segmentation fault and denial of service by providing a specially crafted HEIF file that triggers an unsigned...
SUSE CVE-2026-43341
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...
UBUNTU-CVE-2026-42268
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...
UBUNTU-CVE-2026-43341
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...
MGASA-2026-0112 Updated libexif packages fix security vulnerabilities
CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of unsigned integer arithmetic in the message size calculation function ipcvalidatemsg,...
modsecurity3 -- multiple vulnerabilities
ModSecurity is an open source web application firewall engine. According to the upstream changelog, multiple vulnerabilities have been fixed. CVE-2026-42268: unsigned integer underflow in verify operators CVE-2026-30923: buffer overflow in hexdecode...
OSV-2026-505 UNKNOWN READ in unsigned int Assimp::StreamReader<true, true>::Get<unsigned int>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=498284131 Crash type: UNKNOWN READ Crash state: unsigned int Assimp::StreamReader::Get void Assimp::Blender::ConvertDispatcher void Assimp::Blender::Structure::ReadField...
CVE-2026-34548 iccDEV: UB at IccUtilXml.cpp
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...
SUSE CVE-2026-23343
In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail, clearly...
EUVD-2026-15371
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'qsum' and 'qpsum'. Using unsigned int, the same integer size a...