Lucene search
K

164 matches found

OSV
OSV
added 2026/06/10 5:7 a.m.5 views

MGASA-2026-0186 Updated libxpm packages fix security vulnerability

libXpm Out-of-bounds read in xpmNextWord. CVE-2026-4367...

5.5CVSS5.4AI score0.00129EPSS
Exploits0References4
Mageia
Mageia
added 2026/06/10 5:7 a.m.8 views

Updated libxpm packages fix security vulnerability

libXpm Out-of-bounds read in xpmNextWord. CVE-2026-4367...

5.5CVSS5.3AI score0.00129EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.8 views

Amazon Linux 2023 : libXpm, libXpm-devel (ALAS2023-2026-1656)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1656 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Ness...

5.5CVSS4.8AI score0.00129EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.10 views

Siemens Teamcenter PDF.js Arbitrary Code Execution (SSA-827383)

The version of Siemens Teamcenter installed on the remote host is affected by a vulnerability: - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. CVE-2024-4367 Note that Nessus has not tested for this issue but has...

8.8CVSS7.6AI score0.72648EPSS
Exploits15References2
Amazon
Amazon
added 2026/05/14 12:0 a.m.14 views

Medium: libXpm

Issue Overview: As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Affected Packages: libXpm Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correctio...

5.8AI score0.00129EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

Amazon Linux 2 : libXpm, --advisory ALAS2-2026-3291 (ALAS-2026-3291)

The version of libXpm installed on the remote host is prior to 3.5.12-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3291 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description...

5.5CVSS4.9AI score0.00129EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/24 12:0 a.m.7 views

libXpm-devel-3.5.18-2.1 on GA media (moderate)

libXpm-devel-3.5.18-2.1 on GA media Announcement ID: openSUSE-SU-2026:10608-1 Rating: moderate Cross-References: CVE-2026-4367 CVSS scores: CVE-2026-4367 SUSE : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-4367 SUSE : 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:...

6.3CVSS5.3AI score0.00129EPSS
Exploits0
Circl
Circl
added 2026/04/22 2:1 a.m.5 views

CVE-2026-4367

creationtimestamp| type| source ---|---|--- 2026-04-22 02:01:17+00:00| seen| https://bsky.app/profile/slackers.it/post/3mk2fo63fp42q 2026-05-10 20:00:10+00:00| seen| https://jvn.jp/en/jp/JVN18013369 2026-06-26 22:50:45+00:00| seen|...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/22 1:40 a.m.7 views

SUSE CVE-2026-4367

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...

6.3CVSS4.7AI score0.00129EPSS
Exploits0References4
Slackware Linux
Slackware Linux
added 2026/04/22 12:44 a.m.11 views

[slackware-security] libXpm

New libXpm packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libXpm-3.5.19-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Out-of-bounds read in xpmNextWord. For more...

5.8AI score0.00129EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Slackware Linux 15.0 / current libXpm Vulnerability (SSA:2026-111-01)

The version of libXpm installed on the remote host is prior to 3.5.19. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-111-01 advisory. New libXpm packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-4367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a...

5.5CVSS4.7AI score0.00129EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/23 2:28 p.m.4 views

EUVD-2026-4367

Insertion of Sensitive Information Into Sent Data vulnerability in bPlugins B Accordion b-accordion allows Retrieve Embedded Sensitive Data.This issue affects B Accordion: from n/a through = 2.0.0...

5.4AI score0.00276EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : firefox-115.11.0-1.0.1.el7.AXS7 (AXSA:2024-7743:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7743:18 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

8.8CVSS8AI score0.72648EPSS
Exploits18References7
OpenVAS
OpenVAS
added 2025/11/10 12:0 a.m.3 views

Debian: Security Advisory (DLA-4367-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00196EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/07 12:0 a.m.1 views

Debian dla-4367 : keystone - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4367 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4367-1 [email protected] https://www.debian.org/lts/security/...

5.5AI score
Exploits0References2
OSV
OSV
added 2025/11/07 12:0 a.m.2 views

DLA-4367-1 keystone - security update

Bulletin has no description...

7.5CVSS7AI score0.00196EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/22 11:13 a.m.7 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in pdfjs-dist-2.4.456.tgz

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in pdfjs-dist-2.4.456.tgz Vulnerability Details CVEID:CVE-2024-4367 DESCRIPTION: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js...

8.8CVSS8.7AI score0.72648EPSS
Exploits15Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/16 12:29 p.m.4 views

Security Bulletin: IBM ICCSAP cross site scripting vulnerablity fix.

Summary Vulnerability were disclosed part of Cross Site Scripting With PDF Vulnerability Details CVEID:CVE-2024-4367 DESCRIPTION: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox 126,...

8.8CVSS7.8AI score0.72648EPSS
Exploits15Affected Software2
Circl
Circl
added 2025/09/09 9:2 p.m.7 views

CVE-2007-4367

creationtimestamp| type| source ---|---|--- 2025-09-09 21:02:29+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lygmjfsfng22...

9.3CVSS5.9AI score0.08248EPSS
Exploits1References1
Rows per page
Query Builder