Monthly
Heap buffer over-write in ImageMagick's JP2 (JPEG 2000) encoder - present in all versions prior to 7.1.2-26 - allows an attacker to crash the process by supplying a maliciously crafted JP2 image file, resulting in a denial-of-service condition. The root cause is CWE-682 (Incorrect Calculation): argument handling logic in the JP2 encoder computes incorrect bounds, leading to an out-of-bounds heap write. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
wolfSSL's x86_64 Curve25519 scalar multiplication yields a non-canonical shared secret when carry propagation overflows into bit 255 during final modular reduction, producing a result in [p, 2^255) rather than the required canonical range [0, p). Both the x64 and AVX2 hand-written assembly paths in fe_x25519_asm.S are affected, and only specific edge-case scalar/point combinations trigger the flaw. wolfSSL self-reported this correctness defect and published a fix via GitHub PR #10536; no public exploit exists and the vulnerability is absent from CISA KEV.
Incorrect errno calculation in Netatalk 2.1.0 through 4.4.2 allows remote unauthenticated attackers to cause minor service disruption by triggering simultaneous error conditions that produce invalid composite error codes via bitwise OR misuse. The flaw (CWE-682, Incorrect Calculation) diverts execution into incorrect error-handling paths within the AFP file-sharing service, affecting availability at a low level (A:L) with no confidentiality or integrity impact. No public exploit or active exploitation has been identified at time of analysis; the CVSS score of 3.7 (Low) and high attack complexity (AC:H) reflect a limited real-world threat.
Incorrect hexadecimal-to-integer conversion in Netatalk 2.0.0 through 4.4.2 stems from a macro that fails to handle uppercase hex digits (A-F) correctly, producing wrong integer values during AFP protocol processing. An authenticated remote attacker with low privileges can exploit the flaw under high-complexity conditions to cause minor integrity corruption - for example, corrupted filename or attribute encoding. No public exploit code exists and the vulnerability is not listed in CISA KEV, making real-world exploitation unlikely in most environments. Fixed in Netatalk 4.5.0.
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of. Rated medium severity (CVSS 4.1), this vulnerability is no authentication required. No vendor patch available.
Zebra's block validator fails to count transparent signature operations correctly, allowing malicious miners to create blocks that exceed the 20,000 sigop consensus limit and trigger network splits between Zebra and zcashd nodes. The vulnerability affects Zebra versions prior to 4.4.0 and stems from two distinct accounting flaws: (1) coinbase input scriptSigs were excluded from legacy sigop counts, hiding up to 98 operations, and (2) P2SH redeem script sigops were only computed during mempool validation but never aggregated during block validation. A miner could craft a single block with 1,334+ P2SH spends to exceed the limit and partition the Zcash network. Vendor-released patch: Zebra 4.4.0 (confirmed by GitHub advisory GHSA-jv4h-j224-23cc). No public exploit identified at time of analysis.
Incorrect computation in CIRCL cryptographic library's CombinedMult function for secp384r1 (P-384) curve. Produces wrong elliptic curve multiplication results for specific inputs, potentially breaking ECDSA signature verification.
Incorrect rounding in the mulDiv() function of soroban-fixed-point-math versions 1.3.0 and 1.4.0 allows attackers to manipulate fixed-point arithmetic results in Soroban smart contracts by exploiting sign handling when both the intermediate product and divisor are negative. This affects all signed FixedPoint implementations (i64, i128, I256) and could enable financial miscalculations or loss of funds in dependent contracts. A patch is available in versions 1.3.1 and 1.4.1.
MAC learning failures in Juniper Junos OS Evolved's Layer 2 Control Protocol Daemon can be triggered by a network-adjacent attacker who repeatedly toggles the management interface, causing label-switched interface MAC address learning to halt while generating excessive logs and consuming high CPU resources. This calculation error (CWE-682) affects availability through denial of service and currently has no available patch. The attack requires network adjacency but no authentication or user interaction.
matrix-sdk-base is the base component to build a Matrix client library. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Heap buffer over-write in ImageMagick's JP2 (JPEG 2000) encoder - present in all versions prior to 7.1.2-26 - allows an attacker to crash the process by supplying a maliciously crafted JP2 image file, resulting in a denial-of-service condition. The root cause is CWE-682 (Incorrect Calculation): argument handling logic in the JP2 encoder computes incorrect bounds, leading to an out-of-bounds heap write. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.
wolfSSL's x86_64 Curve25519 scalar multiplication yields a non-canonical shared secret when carry propagation overflows into bit 255 during final modular reduction, producing a result in [p, 2^255) rather than the required canonical range [0, p). Both the x64 and AVX2 hand-written assembly paths in fe_x25519_asm.S are affected, and only specific edge-case scalar/point combinations trigger the flaw. wolfSSL self-reported this correctness defect and published a fix via GitHub PR #10536; no public exploit exists and the vulnerability is absent from CISA KEV.
Incorrect errno calculation in Netatalk 2.1.0 through 4.4.2 allows remote unauthenticated attackers to cause minor service disruption by triggering simultaneous error conditions that produce invalid composite error codes via bitwise OR misuse. The flaw (CWE-682, Incorrect Calculation) diverts execution into incorrect error-handling paths within the AFP file-sharing service, affecting availability at a low level (A:L) with no confidentiality or integrity impact. No public exploit or active exploitation has been identified at time of analysis; the CVSS score of 3.7 (Low) and high attack complexity (AC:H) reflect a limited real-world threat.
Incorrect hexadecimal-to-integer conversion in Netatalk 2.0.0 through 4.4.2 stems from a macro that fails to handle uppercase hex digits (A-F) correctly, producing wrong integer values during AFP protocol processing. An authenticated remote attacker with low privileges can exploit the flaw under high-complexity conditions to cause minor integrity corruption - for example, corrupted filename or attribute encoding. No public exploit code exists and the vulnerability is not listed in CISA KEV, making real-world exploitation unlikely in most environments. Fixed in Netatalk 4.5.0.
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of. Rated medium severity (CVSS 4.1), this vulnerability is no authentication required. No vendor patch available.
Zebra's block validator fails to count transparent signature operations correctly, allowing malicious miners to create blocks that exceed the 20,000 sigop consensus limit and trigger network splits between Zebra and zcashd nodes. The vulnerability affects Zebra versions prior to 4.4.0 and stems from two distinct accounting flaws: (1) coinbase input scriptSigs were excluded from legacy sigop counts, hiding up to 98 operations, and (2) P2SH redeem script sigops were only computed during mempool validation but never aggregated during block validation. A miner could craft a single block with 1,334+ P2SH spends to exceed the limit and partition the Zcash network. Vendor-released patch: Zebra 4.4.0 (confirmed by GitHub advisory GHSA-jv4h-j224-23cc). No public exploit identified at time of analysis.
Incorrect computation in CIRCL cryptographic library's CombinedMult function for secp384r1 (P-384) curve. Produces wrong elliptic curve multiplication results for specific inputs, potentially breaking ECDSA signature verification.
Incorrect rounding in the mulDiv() function of soroban-fixed-point-math versions 1.3.0 and 1.4.0 allows attackers to manipulate fixed-point arithmetic results in Soroban smart contracts by exploiting sign handling when both the intermediate product and divisor are negative. This affects all signed FixedPoint implementations (i64, i128, I256) and could enable financial miscalculations or loss of funds in dependent contracts. A patch is available in versions 1.3.1 and 1.4.1.
MAC learning failures in Juniper Junos OS Evolved's Layer 2 Control Protocol Daemon can be triggered by a network-adjacent attacker who repeatedly toggles the management interface, causing label-switched interface MAC address learning to halt while generating excessive logs and consuming high CPU resources. This calculation error (CWE-682) affects availability through denial of service and currently has no available patch. The attack requires network adjacency but no authentication or user interaction.
matrix-sdk-base is the base component to build a Matrix client library. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.