PT-2026-34430

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The BPF interpreter contains undefined behavior in its signed 32-bit division and modulo handlers. This occurs because the abs macro is used on s32 operands; when the input is the type...

EUVD-2017-18967

Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVE-2017-20230

Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVE-2017-20230 Storable versions before 3.05 for Perl has a stack overflow

Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVE-2017-20230

CVE-2017-20230 affects Perl’s Storable before 3.05. The issue arises in retrieve_hook, which stores the class-name length as a signed int but reads it as unsigned, enabling crafted data to trigger a stack overflow during read operations. Public reports confirm a high-impact condition (CRITICAL) w...

CVE-2017-20230

Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVE-2026-39886 OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010751 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due to erroneous iotlb entries In vhostiotlbaddrangectx, range size can...

CVE-2026-40335 libgphoto2 has OOB read in ptp_unpack_DPV() UINT128/INT128 handling in ptp-pack.c

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in ptpunpackDPV in camlibs/ptp2/ptp-pack.c lines 622–629. The UINT128 and INT128 cases advance offset += 16 without verifying that 16 bytes remain in the buffer. The entry check at li...

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to openid4java

Summary IBM webMethods BPM uses openid4java to implement OpenID-based authentication Vulnerability Details CVEID:CVE-2011-4314 DESCRIPTION: message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before...

CVE-2026-22734

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

Cloud Foundry cf-deployment和Cloud Foundry UUA 安全漏洞

Cloud Foundry cf-deployment and Cloud Foundry UUA are both products of the American Cloud Foundry Foundation. Cloud Foundry cf-deployment is a Cloud Foundry deployment tool. Cloud Foundry UUA is an identity authentication and authorization management service. There are security vulnerabilities in...

EUVD-2026-23322

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

CVE-2026-22734 Cloud Foundry UAA SAML 2.0 Signature Bypass

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

CVE-2026-22734

CVE-2026-22734 is a Cloud Foundry UAA vulnerability: when SAML 2.0 bearer assertions are enabled, UAA accepts unsigned/unencrypted SAML 2.0 bearer assertions, allowing an attacker to bypass token validation and obtain a token for any user. Affected are Cloud Foundry UAA versions v77.21.0–v78.8.0 ...

PT-2026-33375

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

GHSA-HV4R-MVR4-25VW MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads

Impact What kind of vulnerability is it? Who is impacted? An authentication bypass vulnerability in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allows any user who knows a valid access key to write arbitrary objects to any bucket without knowing the secret key or providing a valid...

MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads

Impact What kind of vulnerability is it? Who is impacted? An authentication bypass vulnerability in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allows any user who knows a valid access key to write arbitrary objects to any bucket without knowing the secret key or providing a valid...

CVE-2026-5444

A heap buffer overflow vulnerability exists in the PAM image parsing logic. When Orthanc processes a crafted PAM image embedded in a DICOM file, image dimensions are multiplied using 32-bit unsigned arithmetic. Specially chosen values can cause an integer overflow during buffer size calculation,...

CVE-2026-5442

A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation VR Unsigned Long UL, instead of the expected VR Unsigned Short US, which allows extremely large dimensions to be processed. This causes an integer overflow during frame...