uutils coreutils has an Unchecked Return Value Issue

The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...

USN-8198-1: Tornado vulnerabilities

It was discovered that Tornado incorrectly handled parsing of large multipart request bodies. An attacker could possibly use this issue to cause a denial of service. CVE-2026-31958 It was discovered that Tornado did not properly validate characters in cookie values. An attacker could possibly use...

USN-8198-1 python-tornado vulnerabilities

It was discovered that Tornado incorrectly handled parsing of large multipart request bodies. An attacker could possibly use this issue to cause a denial of service. CVE-2026-31958 It was discovered that Tornado did not properly validate characters in cookie values. An attacker could possibly use...

Exploit for Out-of-bounds Write in Google Chrome

all credit goes to DARKNAVY's scripthttps://gi...

EUVD-2026-24943

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

EUVD-2026-24867

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

GHSA-MH6W-VXFF-9WQP PHPUnit: Argument injection via newline in PHP INI values forwarded to child processes

Impact PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string delimiter, ; as the start of a comment, and most importantly a newli...

CVE-2026-33602

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

CVE-2026-31525

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...

CVE-2026-31495

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

CVE-2026-31521

The CVE-2026-31521 issue is in the Linux kernel module loader’s simplify_symbols() where an out-of-bounds st_shndx (eg SHN_XINDEX) could cause a kernel panic. The patch adds validation of st_shndx against the valid range before using it, preventing the potential crash. Several OSV entries (Debian...

CVE-2026-31470 virt: tdx-guest: Fix handling of host controlled 'quote' buffer length

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...

CVE-2026-33602

CVE-2026-33602 concerns PowerDNS DNSdist (and related Linux distros) where a rogue backend can send a crafted UDP response with a query ID off by one relative to the maximum configured value. This leads to an out-of-bounds write and a denial of service. The connected documents confirm the same ro...

SUSE-SU-2026:21320-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses bsc1261214. - CVE-2025-66037: crafted input can cause an out-of-bounds read bsc1261218. - CVE-2025-66038: improper compact-TLV length validation can lead to...

CVE-2026-35332

NULL-Pointer Dereference When Handling ECDH Public Value in TLS...

UBUNTU-CVE-2026-35332

NULL-Pointer Dereference When Handling ECDH Public Value in TLS...

CVE-2026-22747 Unauthorized User Impersonation when Using X.509 Client Certificates

Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user...

OSV-2026-610 Memcpy-param-overlap in htx_replace_blk_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504612570 Crash type: Memcpy-param-overlap Crash state: htxreplaceblkvalue httpreplaceheadervalue httpschemebasednormalize...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a hardcoded value for hdr2len, potentially leading to errors in response buffer management...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from undefined behavior during the processing of INTMIN by the BPF interpreter sdiv/smod. This...