PT-2026-47841

Issue summary: When the X509 VERIFY PARAM set1 email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Impact summary: This out of bounds read will not directly exfiltrate the data read to the attacker so...

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

SUSE SLES15 / openSUSE 15 Security Update : GraphicsMagick (SUSE-SU-2026:0874-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0874-1 advisory. This update for GraphicsMagick fixes the following issue: - CVE-2026-25799: Division-by-Zero in YUV sampling factor validation leads to...

SUSE-SU-2026:0874-1 Security update for GraphicsMagick

This update for GraphicsMagick fixes the following issue: - CVE-2026-25799: Division-by-Zero in YUV sampling factor validation leads to crash bsc1258786...

EUVD-2017-3760

Malware in sbrugna...

EUVD-2023-50117

Malicious code in bioql PyPI...

MongoDB 5.0.x < 5.0.31 / 6.0.x < 6.0.20 / 7.0.x < 7.0.16 DoS (SERVER-103152)

The version of MongoDB installed on the remote host is 5.0 prior to 5.0.31, 6.0 prior to 6.0.20 and 7.0 prior to 7.0.16. It is, therefore, affected by a vulnerability as referenced in the SERVER-103152 advisory. - Specifically crafted MongoDB wire protocol messages can cause mongos to crash durin...

CVE-2025-6703

Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2...

CVE-2025-20036

Mattermost Mobile Apps versions =2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...

CVE-2022-30720

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash...

CVE-2020-6347

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

CVE-2022-49894 cxl/region: Fix region HPA ordering validation

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix region HPA ordering validation Some regions may not have any address space allocated. Skip them when validating HPA order otherwise a crash like the following may result: devmcxladdregion: cxlacpi cxlacpi.0:...

GHSA-82VG-5V4F-F9WQ Namada-apps can Crash with Excessive Computation in Mempool Validation

Impact A malicious transaction may cause a crash in mempool validation. A transaction with authorization section containing 256 public keys or more with valid matching signatures triggers an integer overflow in signature verification that causes a the node to panic. Patches This issue has been...

Improper Input Validation

Mattermost is vulnerable to Improper Input Validation. The vulnerability is due to a failure to properly validate post props, which can result in a crash when malicious posts are processed...

CVE-2025-20072

Mattermost Mobile vulnerable: versions

CVE-2025-20086

Mattermost versions 10.2.x = 10.2.0, 9.11.x = 9.11.5, 10.0.x = 10.0.3, 10.1.x = 10.1.3 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post...

CVE-2025-21083

Mattermost Mobile Apps vulnerability CVE-2025-21083 affects Mattermost Mobile Apps versions

ASB-A-246542285

In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE CVE-2008-4482

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...

DEBIAN-CVE-2022-3616

Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to crash, preventing it from finishing the validation and leading to a denial of service. Credits to Donika Mirdita and Haya Shulman - Fraunhofer...