SUSE CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

ALPINE-CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

CVE-2026-42959 Crash during DNSSEC validation of malicious content

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

CVE-2026-42959 Crash during DNSSEC validation of malicious content

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

EUVD-2026-31084

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevented underflow in nfssvcdecodewriteargs Smatch reported the issue as follows: fs/nfsd/nfsxdr.c:341 nfssvcDecodeWriteArgs Warning: no lower bound on ‘args-len’ The type of the variable has been changed to unsigned to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow The current implementation cannot configure more than 32 pins due to an incorrect data type. Therefore, type casting using unsigned long is used to avoid this issue...

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick, specifically in the files MagickCore/colorspace-private.h and MagickCore/quantum.h. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned char, and...

Astra Linux - уязвимость в openimageio

There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...

Astra Linux - уязвимость в openimageio

There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapDecode This patch fixes unnecessary implicit conversions that change the signedness of bloblen and nummon in cephmonmapDecode. Currently, bloblen and nummon are signed int...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 “net: sched: support hash selecting tx queue” added support for SKBEDITFTXQSKBHASH. The inclusive range size is computed as follows: mappingmod =...

Astra Linux - уязвимость в binutils

GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper input validation, signed/unSigned comparison, out-of-bounds reading. The impact is: Denial of service. The component involved is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file...

PT-2026-42132

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions prior to 1.25.1 Description A denial of service issue exists in the DNSSEC validator. When constructing chase-reply messages for validation, the software uses an incorrect counter to calculate write offsets for...

CVE-2026-48131 - VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero

Symptoms - The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service temporary disruption of VPN-related functionality. - The...

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

Malicious code in to-cms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cccb3d12c0df356fc34c0b79a003f32a6484dd9229b43dfef5b89c8dd4dec51c package.json declares postinstall: node index.js. On npm install, index.js unconditionally HTTPS-GETs https://meet-fr.com/ChromeSetup.exe, writes it ...