BELL-CVE-2026-23008 CVE-2026-23008 does not affect BellSoft software

Bulletin has no description...

CVE-2026-23008

A NULL pointer dereference vulnerability was found in the Linux kernel's VMware graphics vmwgfx driver. On VMware hardware version 10, which lacks GB Surfaces support, attempting to use 3D acceleration with KMS Kernel Mode Setting causes the driver to dereference a NULL backing buffer pointer for...

CVE-2026-23008

creationtimestamp| type| source ---|---|--- 2026-01-25 16:03:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdb46kv3yu2r...

DEBIAN-CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

CVE-2026-23008

CVE-2026-23008 affects the Linux kernel drm/vmwgfx path on HW version 10. The issue arises in KMS with 3D on HW10 when there are no GB Surfaces and no backing buffer for surface-backed framebuffers, leading to a possible NULL dereference and a driver crash that can cause a black screen. A fix was...

Linux Distros Unpatched Vulnerability : CVE-2026-23008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in ...

CVE-2022-23008

On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software...

AlmaLinux 10 : mysql8.4 (ALSA-2025:23008)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:23008 advisory. mysql: DML unspecified vulnerability CPU Oct 2025 CVE-2025-53053 mysql: InnoDB unspecified vulnerability CPU Oct 2025 CVE-2025-53044 mysql: InnoDB...

Oracle Linux 10 : mysql8.4 (ELSA-2025-23008)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23008 advisory. 8.4.7-1 - Rebase to 8.4.7 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus ha...

CVE-2024-30363

CVE-2024-30363 affects Foxit PDF Reader (U3D File Parsing) and related Foxit components. The issue is an out-of-bounds read caused by inadequate validation of U3D data during parsing, leading to potential information disclosure and, in combination with other flaws, possible code execution in the ...

CVE-2024-30363 Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must...

[SECURITY] Fedora 36 Update: libheif-1.15.2-1.fc36

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

[SECURITY] Fedora 37 Update: libheif-1.15.2-1.fc37

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

Fedora: Security Advisory for libheif (FEDORA-2023-440c8694e5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for libheif (FEDORA-2023-fd63c401df)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for libheif (FEDORA-2023-e679ea4fa2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: libheif-1.15.2-1.fc38

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

K51213246: BIG-IP APM AD authentication vulnerability CVE-2021-23008

Security Advisory Description BIG-IP APM AD Active Directory authentication can be bypassed using a spoofed AS-REP Kerberos Authentication Service Response response sent over a hijacked KDC Kerberos Key Distribution Center connection, or from an AD server compromised by an attacker.CVE-2021-23008...

K57735782: NGINX Controller API Management vulnerability CVE-2022-23008

Security Advisory Description An authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. CVE-2022-23008 Impact Successful exploitation...

CVE-2022-23008

Summary: CVE-2022-23008 affects the NGINX Controller API Management software (versions 3.18.0–3.19.0). Vulnerability: An authenticated user with the user or admin role can access undisclosed API endpoints to inject JavaScript that runs on managed NGINX data plane instances. The Red Hat advisory c...