RockyLinux 9 : corosync (RLSA-2026:19200)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19200 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer...

RLSA-2026:19200 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...

RHEL 9 : corosync (RHSA-2026:19200)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19200 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

PgBouncer 输入验证错误漏洞

PgBouncer is an open-source, lightweight connection pool for PostgreSQL developed by the PgBouncer community. Prior to PgBouncer 1.25.2, there was a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows in the network packet parsing code, which allowe...

RHEL 10 : corosync (RHSA-2026:14205)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14205 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes:...

RHEL 9 : corosync (RHSA-2026:14212)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14212 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...

ALSA-2026:13673 Moderate: corosync security update

The corosync packages provide the Corosync Cluster Engine and C APIs for AlmaLinux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...

ONE 输入验证错误漏洞

ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions prior to ONE 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of memory copy sizes, which could lead t...

OESA-2026-1966 corosync security update

This package contains the Corosync Cluster Engine Executive, several default APIs and libraries, default configuration files, and an init script. Security Fixes: A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membersh...

SUSE CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

CVE-2026-35092

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

LibTIFF 输入验证错误漏洞

LibTIFF is an open-source library for reading and writing TIFF Tagged Image File Format files. This library includes some command-line tools for processing TIFF files. LibTIFF has a vulnerability related to input validation errors. This vulnerability stems from an integer overflow in the...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 146.0.7680.153, there was a vulnerability related to input validation. This vulnerability stemmed from an integer overflow in the ANGLE component of the Windows system, which could allow remote attackers to exploit heap...

EUVD-2022-32321

Malicious code in bioql PyPI...

Fortinet多款产品 输入验证错误漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy SSL VPN is a software application.Fortinet FortiPAM is a platform for privilege access control. An input validation...

webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution

A flaw was found in webkitgtk. The vulnerability occurs due to improper input validation, which can lead to an integer overflow. An attacker with network access could pass specially crafted web content files causing an application to halt, crash, or may lead to arbitrary code execution...

CVE-2022-35963

TensorFlow is an open source platform for machine learning. The implementation of FractionalAvgPoolGrad does not fully validate the input originputtensorshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack. We have patched the...

Ashlar-Vellum Cobalt 输入验证错误漏洞

Ashlar-Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar-Vellum. An input validation error vulnerability exists in Ashlar-Vellum Cobalt, which stems from an integer overflow when parsing an LI file and could lead to remote code execution...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...

GTKWave 输入验证错误漏洞

GTKWave is a full-featured, GTK+-based waveform viewer from GTKWave. An integer overflow vulnerability exists in GTKWave version 3.3.115, which can be exploited by an attacker to cause arbitrary code execution via a specially crafted fst file...